package cn.com.infosec.oscca;

import cn.com.infosec.netsign.base.util.VerifySignatureException;
import cn.com.infosec.netsign.crypto.exception.CryptoException;
import cn.com.infosec.netsign.crypto.util.CryptoUtil;
import cn.com.infosec.netsign.crypto.util.SoftCryptoImpl;
import cn.com.infosec.netsign.der.util.DERSegment;
import cn.com.infosec.oscca.sm2.SM2;
import cn.com.infosec.oscca.sm2.SM2Cache;
import cn.com.infosec.oscca.sm2.SM2Gear;
import cn.com.infosec.oscca.sm2.SM2PrivateKey;
import cn.com.infosec.oscca.sm2.SM2PublicKey;
import cn.com.infosec.oscca.sm2.SM2Util;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.HashMap;

/* loaded from: input_file:cn/com/infosec/oscca/SDFJNI.class */
public final class SDFJNI {
    protected static SM2Cache cache;
    protected static final int RETURN_CODE_OK = 0;
    public static final int ALG_ID_SM3 = 1;
    public static final int ALG_ID_SHA1 = 2;
    public static final int ALG_ID_SHA256 = 4;
    public static final int ALG_ID_SM2_SIGN = 131328;
    protected static final int ALG_ID_SM2_ENCRYPT = 132096;
    protected static final int SGD_SM1_ECB = 257;
    protected static final int SGD_SM1_CBC = 258;
    protected static final int SGD_SM1_CFB = 260;
    protected static final int SGD_SM1_OFB = 264;
    protected static HashMap accessRights;
    private static boolean inited;

    static {
        if (SM2.isSM2SignModeHard() || SM2.isSM2VerifyModeHard()) {
            System.loadLibrary("sdfjni");
            Runtime.getRuntime().addShutdownHook(new Thread(new Runnable() { // from class: cn.com.infosec.oscca.SDFJNI.1
                @Override // java.lang.Runnable
                public void run() {
                    try {
                        System.out.println("Destroy the SDF resources");
                        SDFJNI.destroy();
                    } catch (Exception e) {
                    }
                }
            }));
        }
        if ((!SM2.isSM2SignModeHard() || !SM2.isSM2VerifyModeHard()) && SM2.getSM2Provider() != null) {
            System.loadLibrary(SM2.getSM2Provider());
        }
        if (SM2.isCacheSM2()) {
            cache = new SM2Cache(SM2.getSm2CacheSize(), new SM2Gear(SM2.getSm2SignGear()), new SM2Gear(SM2.getSm2VerifyGear()));
        }
        accessRights = new HashMap();
        inited = false;
    }

    public static void init() throws CryptoException {
        if (SM2.isSM2SignModeHard() || SM2.isSM2VerifyModeHard()) {
            connectDev();
            int retureCode = getRetureCode();
            if (retureCode != 0) {
                throw new CryptoException(new StringBuffer("Connect crypto card failed : ").append(retureCode).toString());
            }
            openSession();
            int retureCode2 = getRetureCode();
            if (retureCode2 != 0) {
                throw new CryptoException(new StringBuffer("Crypto card open session failed : ").append(retureCode2).toString());
            }
        } else if (SM2.getSM2Provider() != null) {
            connectDev();
        }
        inited = true;
    }

    static void destroy() {
        if (SM2.isSM2SignModeHard() || SM2.isSM2VerifyModeHard()) {
            Integer[] numArr = (Integer[]) accessRights.keySet().toArray(new Integer[RETURN_CODE_OK]);
            if (numArr != null) {
                int length = numArr.length;
                for (int i = RETURN_CODE_OK; i < length; i++) {
                    releasePrivateKeyAccessRight(numArr[i].intValue());
                }
            }
            closeSession();
            disConnectDev();
        }
        inited = false;
    }

    public static void generateSM2SignKeyPair(SM2PublicKey sM2PublicKey, SM2PrivateKey sM2PrivateKey) throws CryptoException {
        if (!SM2.isSM2SignModeHard() && !SM2.isSM2VerifyModeHard()) {
            SM2.genKeyPair(sM2PrivateKey.getD(), sM2PublicKey.getX(), sM2PublicKey.getY());
            return;
        }
        if (!inited) {
            throw new CryptoException("SM2 model have not initialized");
        }
        byte[] generateExtECCKeyPair = generateExtECCKeyPair(ALG_ID_SM2_SIGN);
        if (generateExtECCKeyPair.length != 96) {
            throw new CryptoException("Generate SM2 key pair failed");
        }
        byte[] bArr = new byte[32];
        System.arraycopy(generateExtECCKeyPair, RETURN_CODE_OK, bArr, RETURN_CODE_OK, 32);
        sM2PublicKey.setX(bArr);
        byte[] bArr2 = new byte[32];
        System.arraycopy(generateExtECCKeyPair, 32, bArr2, RETURN_CODE_OK, 32);
        sM2PublicKey.setY(bArr2);
        byte[] bArr3 = new byte[32];
        System.arraycopy(generateExtECCKeyPair, 64, bArr3, RETURN_CODE_OK, 32);
        sM2PrivateKey.setD(bArr3);
    }

    public static byte[] SM2SignWithInnerKey(byte[] bArr, String str, int i, String str2, SM2PublicKey sM2PublicKey, byte[] bArr2) throws CryptoException, NoSuchAlgorithmException, NoSuchProviderException {
        if (!SM2.isSM2SignModeHard()) {
            throw new NoSuchAlgorithmException("Not supported by soft alg");
        }
        if (!inited) {
            throw new CryptoException("SM2 model have not initialized");
        }
        byte[] digest = digest(bArr, str, sM2PublicKey, bArr2);
        Boolean bool = (Boolean) accessRights.get(new Integer(i));
        if (!(bool == null ? Boolean.FALSE : bool).booleanValue()) {
            getAccessRight(i, str2);
        }
        byte[] eccSignData = eccSignData(i, digest, digest.length);
        if (eccSignData == null || eccSignData.length == 0) {
            throw new CryptoException(new StringBuffer("Crypto card sign failed :").append(getRetureCode()).toString());
        }
        return eccSignData;
    }

    public static byte[] SM2SignWithExternalKey(byte[] bArr, String str, byte[] bArr2, SM2PublicKey sM2PublicKey, byte[] bArr3) throws CryptoException, NoSuchAlgorithmException, NoSuchProviderException {
        CryptoUtil.debug("SDFJNI SM2SignWithExternalKey plaintext", bArr);
        CryptoUtil.debug(new StringBuffer("SDFJNI SM2SignWithExternalKey digestAlg:").append(str).toString());
        CryptoUtil.debug("SDFJNI SM2SignWithExternalKey d", bArr2);
        CryptoUtil.debug("SDFJNI SM2SignWithExternalKey pubk", sM2PublicKey.getEncoded());
        CryptoUtil.debug("SDFJNI SM2SignWithExternalKey id", bArr3);
        if (cache == null) {
            return SM2SignWithExternalKeyImpl(bArr, str, bArr2, sM2PublicKey, bArr3);
        }
        byte[] signature = cache.getSignature(bArr, str, bArr2);
        if (signature != null) {
            return signature;
        }
        byte[] SM2SignWithExternalKeyImpl = SM2SignWithExternalKeyImpl(bArr, str, bArr2, sM2PublicKey, bArr3);
        cache.putSignatureResult(bArr, str, bArr2, SM2SignWithExternalKeyImpl);
        return SM2SignWithExternalKeyImpl;
    }

    private static byte[] SM2SignWithExternalKeyImpl(byte[] bArr, String str, byte[] bArr2, SM2PublicKey sM2PublicKey, byte[] bArr3) throws CryptoException, NoSuchAlgorithmException, NoSuchProviderException {
        if (!inited) {
            throw new CryptoException("SM2 model have not initialized");
        }
        byte[] digest = digest(bArr, str, sM2PublicKey, bArr3);
        if (!SM2.isSM2SignModeHard()) {
            if (SM2.getSM2Provider() == null) {
                return SM2.signHash(digest, bArr2);
            }
            if (SM2.getSM2Provider().equals(SM2.SM2_PROVIDER_OSCCAV3)) {
                return SM3withSM2Sign(digest, bArr2);
            }
            throw new NoSuchProviderException(SM2.getSM2Provider());
        }
        byte[] eccExtSignData = eccExtSignData(ALG_ID_SM2_SIGN, bArr2, digest);
        byte[] bArr4 = new byte[32];
        System.arraycopy(eccExtSignData, eccExtSignData.length - 64, bArr4, RETURN_CODE_OK, 32);
        byte[] bArr5 = new byte[32];
        System.arraycopy(eccExtSignData, eccExtSignData.length - 32, bArr5, RETURN_CODE_OK, 32);
        return SM2Util.derEncode(new BigInteger(bArr4), new BigInteger(bArr5));
    }

    public static boolean SM2VierifyWithExternalKey(byte[] bArr, String str, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws VerifySignatureException, NoSuchAlgorithmException, NoSuchProviderException, CryptoException {
        return SM2VierifyWithExternalKey(bArr, str, bArr2, new SM2PublicKey(bArr3), bArr4);
    }

    public static boolean SM2VierifyWithExternalKey(byte[] bArr, String str, byte[] bArr2, SM2PublicKey sM2PublicKey, byte[] bArr3) throws VerifySignatureException, NoSuchAlgorithmException, NoSuchProviderException, CryptoException {
        boolean z;
        CryptoUtil.debug("SDFJNI SM2VierifyWithExternalKey plaintext", bArr);
        CryptoUtil.debug(new StringBuffer("SDFJNI SM2VierifyWithExternalKey digestAlg:").append(str).toString());
        CryptoUtil.debug("SDFJNI SM2VierifyWithExternalKey pubk", sM2PublicKey.getEncoded());
        CryptoUtil.debug("SDFJNI SM2VierifyWithExternalKey id", bArr3);
        if (cache == null) {
            return SM2VerifyWithExternalKeyImpl(bArr, str, bArr2, sM2PublicKey, bArr3);
        }
        String verifyResult = cache.getVerifyResult(bArr, bArr2, sM2PublicKey.getX(), sM2PublicKey.getY(), str);
        if (!verifyResult.equals(SM2Cache.VERIFY_RESULT_NOCACHE)) {
            return verifyResult.equals(SM2Cache.VERIFY_RESULT_TRUE);
        }
        try {
            z = SM2VerifyWithExternalKeyImpl(bArr, str, bArr2, sM2PublicKey, bArr3);
        } catch (Exception e) {
            e.printStackTrace();
            z = RETURN_CODE_OK;
        }
        cache.putVerifyResult(bArr, bArr2, sM2PublicKey.getX(), sM2PublicKey.getY(), str, z);
        return z;
    }

    private static boolean SM2VerifyWithExternalKeyImpl(byte[] bArr, String str, byte[] bArr2, SM2PublicKey sM2PublicKey, byte[] bArr3) throws VerifySignatureException, NoSuchAlgorithmException, NoSuchProviderException, CryptoException {
        if (!inited) {
            throw new CryptoException("SM2 model have not initialized");
        }
        byte[] digest = digest(bArr, str, sM2PublicKey, bArr3);
        if (SM2.isSM2VerifyModeHard()) {
            byte[] formatSignedMsg = formatSignedMsg(bArr2);
            byte[] bArr4 = new byte[32];
            System.arraycopy(formatSignedMsg, RETURN_CODE_OK, bArr4, RETURN_CODE_OK, 32);
            byte[] bArr5 = new byte[32];
            System.arraycopy(formatSignedMsg, 32, bArr5, RETURN_CODE_OK, 32);
            return eccExtVerify(ALG_ID_SM2_SIGN, SoftCryptoImpl.KEY_256, sM2PublicKey.getX(), sM2PublicKey.getY(), digest, bArr4, bArr5) == 0;
        }
        if (SM2.getSM2Provider() == null) {
            byte[] formatSignedMsg2 = formatSignedMsg(bArr2);
            byte[] bArr6 = new byte[64];
            System.arraycopy(sM2PublicKey.getX(), RETURN_CODE_OK, bArr6, RETURN_CODE_OK, 32);
            System.arraycopy(sM2PublicKey.getY(), RETURN_CODE_OK, bArr6, 32, 32);
            return SM2.verifyHash(digest, formatSignedMsg2, bArr6);
        }
        if (!SM2.getSM2Provider().equals(SM2.SM2_PROVIDER_OSCCAV3)) {
            throw new NoSuchProviderException(SM2.getSM2Provider());
        }
        byte[] bArr7 = new byte[65];
        bArr7[RETURN_CODE_OK] = 4;
        System.arraycopy(sM2PublicKey.getX(), RETURN_CODE_OK, bArr7, 1, 32);
        System.arraycopy(sM2PublicKey.getY(), RETURN_CODE_OK, bArr7, 33, 32);
        return SM3withSM2Verify(bArr2, digest, bArr7) == 0;
    }

    private static byte[] formatSignedMsg(byte[] bArr) throws VerifySignatureException {
        if (bArr.length == 64) {
            return bArr;
        }
        while (bArr[RETURN_CODE_OK] == 0) {
            byte[] bArr2 = new byte[bArr.length - 1];
            System.arraycopy(bArr, 1, bArr2, RETURN_CODE_OK, bArr2.length);
            bArr = bArr2;
        }
        if (bArr[RETURN_CODE_OK] != 48) {
            throw new VerifySignatureException("Bad signature structon");
        }
        byte[] bArr3 = new byte[64];
        try {
            DERSegment innerDERSegment = new DERSegment(bArr).getInnerDERSegment();
            byte[] innerData = innerDERSegment.nextDERSegment().getInnerData();
            System.arraycopy(innerData, innerData.length - 32, bArr3, RETURN_CODE_OK, 32);
            byte[] innerData2 = innerDERSegment.nextDERSegment().getInnerData();
            System.arraycopy(innerData2, innerData2.length - 32, bArr3, 32, 32);
            return bArr3;
        } catch (Exception e) {
            throw new VerifySignatureException(e);
        }
    }

    public static byte[] digest(byte[] bArr, String str, SM2PublicKey sM2PublicKey, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchProviderException {
        byte[] SHADigest;
        String upperCase = str.toUpperCase();
        if (upperCase.startsWith("SM3")) {
            SHADigest = bArr2 != null ? OSCCAMessageDigest.SM3Digest(bArr2, sM2PublicKey.getX(), sM2PublicKey.getY(), bArr) : OSCCAMessageDigest.SM3Digest(null, null, null, bArr);
        } else {
            if (!upperCase.startsWith("SHA1") && !upperCase.equals("SHA-1") && !upperCase.startsWith("SHA256") && !upperCase.equals("SHA-256")) {
                throw new NoSuchAlgorithmException(new StringBuffer("Can not support ").append(upperCase).append(" except SM3,SHA1,SHA256").toString());
            }
            SHADigest = bArr2 != null ? OSCCAMessageDigest.SHADigest(upperCase, bArr2, sM2PublicKey.getX(), sM2PublicKey.getY(), bArr) : OSCCAMessageDigest.SHADigest(upperCase, null, null, null, bArr);
        }
        CryptoUtil.debug("digest result", SHADigest);
        return paddingDigest(SHADigest, new byte[32]);
    }

    private static byte[] paddingDigest(byte[] bArr, byte[] bArr2) {
        if (bArr == null) {
            return null;
        }
        if (bArr.length >= bArr2.length) {
            return bArr;
        }
        int length = bArr2.length - bArr.length;
        if (length <= 2) {
            bArr2[RETURN_CODE_OK] = 1;
        } else {
            bArr2[RETURN_CODE_OK] = 1;
            int i = length - 1;
            for (int i2 = 1; i2 < i; i2++) {
                bArr2[i2] = -1;
            }
        }
        System.arraycopy(bArr, RETURN_CODE_OK, bArr2, length, bArr.length);
        return bArr2;
    }

    protected static synchronized byte[] SM3Digest(byte[] bArr, byte[] bArr2, SM2PublicKey sM2PublicKey) throws CryptoException {
        if (inited) {
            return bArr2 == null ? digest(1, bArr, bArr.length) : digestWithID(1, bArr, bArr2, sM2PublicKey.getX(), sM2PublicKey.getY());
        }
        throw new CryptoException("SM2 model have not initialized");
    }

    private static synchronized void getAccessRight(int i, String str) throws CryptoException {
        if (!inited) {
            throw new CryptoException("SM2 model have not initialized");
        }
        Boolean bool = (Boolean) accessRights.get(new Integer(i));
        if ((bool == null ? Boolean.FALSE : bool).booleanValue()) {
            return;
        }
        int privateKeyAccessRight = getPrivateKeyAccessRight(i, str.getBytes(), str.length());
        if (privateKeyAccessRight != 0) {
            throw new CryptoException(new StringBuffer("Failed to get private key ").append(i).append(" access rigth:").append(privateKeyAccessRight).toString());
        }
        accessRights.put(new Integer(i), new Boolean(true));
    }

    private static byte[][] parseKey(byte[] bArr) {
        byte[][] bArr2 = new byte[2][32];
        System.arraycopy(bArr, bArr.length - 64, bArr2[RETURN_CODE_OK], RETURN_CODE_OK, 32);
        System.arraycopy(bArr, bArr.length - 32, bArr2[1], RETURN_CODE_OK, 32);
        return bArr2;
    }

    public static byte[] exportPublicKey(int i) throws CryptoException {
        if (inited) {
            return exportEccSignPublicKey(i);
        }
        throw new CryptoException("SM2 model have not initialized");
    }

    public static native int getRetureCode();

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int connectDev();

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int disConnectDev();

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int openSession();

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int closeSession();

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int getPrivateKeyAccessRight(int i, byte[] bArr, int i2);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int releasePrivateKeyAccessRight(int i);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] exportEccSignPublicKey(int i);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] eccSignData(int i, byte[] bArr, int i2);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native int eccExtVerify(int i, int i2, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5);

    protected static native byte[] eccExtSignData(int i, byte[] bArr, byte[] bArr2);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] digest(int i, byte[] bArr, int i2);

    protected static native byte[] digestWithID(int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] internalSM1Encrypt(int i, int i2, byte[] bArr);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] internalSM1Decrypt(int i, int i2, byte[] bArr);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] SM1Encrypt(int i, byte[] bArr, byte[] bArr2);

    /* JADX INFO: Access modifiers changed from: protected */
    public static native byte[] SM1Decrypt(int i, byte[] bArr, byte[] bArr2);

    protected static native byte[] generateExtECCKeyPair(int i);

    protected static native byte[] SM3withSM2Sign(byte[] bArr, byte[] bArr2);

    protected static native int SM3withSM2Verify(byte[] bArr, byte[] bArr2, byte[] bArr3);
}
