package com.redshield.ebl;

import cn.com.syan.jce.constant.ErrorCode;
import cn.com.syan.jce.entity.ECCSdfPublicKey;
import cn.com.syan.jce.exception.EblHsmException;
import cn.com.syan.jce.exception.ServiceException;
import cn.com.syan.jce.service.JceService;
import cn.com.syan.jce.service.impl.JceServiceImpl;
import cn.com.syan.sdfapi.DCUtil;
import cn.com.syan.sdfapi.entity.EccPublicKey;
import cn.com.syan.sdfapi.entity.EccSignature;
import cn.com.syan.sdfapi.entity.RsaPublicKey;
import cn.com.syan.utils.CertificateUtil;
import cn.com.syan.utils.SM4Util;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;

/* loaded from: input_file:com/redshield/ebl/HSM.class */
public class HSM extends EblHsmEx {
    @Override // com.redshield.ebl.EblHsmEx
    public byte[] generateRandom(int i) {
        JceServiceImpl jceServiceImpl = null;
        try {
            try {
                jceServiceImpl = new JceServiceImpl();
                byte[] bArr = new byte[i];
                int generateRandom = jceServiceImpl.generateRandom(i, bArr);
                if (generateRandom != 0) {
                    throw new ServiceException(generateRandom, "随机数异常");
                }
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return bArr;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (jceServiceImpl != null) {
                jceServiceImpl.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String sm3(byte[] bArr) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                byte[] bArr2 = new byte[32];
                int[] iArr = new int[1];
                int hash = jceServiceImpl.hash(1, (EccPublicKey) null, (byte[]) null, 0, bArr, bArr2, iArr);
                if (hash != 0) {
                    throw new ServiceException(hash, "服务调用异常");
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr2, 0, iArr[0]));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String sm3WithPubkey(byte[] bArr, PublicKey publicKey) {
        byte[] bytes = "1234567812345678".getBytes();
        EccPublicKey parsePubKey = ECCSdfPublicKey.parsePubKey(publicKey);
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                byte[] bArr2 = new byte[32];
                int[] iArr = new int[1];
                int hash = jceServiceImpl.hash(1, parsePubKey, bytes, bytes.length, bArr, bArr2, iArr);
                if (hash != 0) {
                    throw new ServiceException(hash, "服务调用异常");
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr2, 0, iArr[0]));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    public String sm3WithPubkey(byte[] bArr, String str) {
        byte[] bytes = "1234567812345678".getBytes();
        try {
            EccPublicKey parsePubKey = ECCSdfPublicKey.parsePubKey(CertificateUtil.buildX509Certificate(str).getPublicKey());
            JceService jceService = null;
            try {
                try {
                    JceServiceImpl jceServiceImpl = new JceServiceImpl();
                    byte[] bArr2 = new byte[32];
                    int[] iArr = new int[1];
                    int hash = jceServiceImpl.hash(1, parsePubKey, bytes, bytes.length, bArr, bArr2, iArr);
                    if (hash != 0) {
                        throw new ServiceException(hash, "服务调用异常");
                    }
                    String encodeToString = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr2, 0, iArr[0]));
                    if (jceServiceImpl != null) {
                        jceServiceImpl.closeSession();
                    }
                    return encodeToString;
                } catch (Exception e) {
                    throw new EblHsmException(e.getMessage());
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    jceService.closeSession();
                }
                throw th;
            }
        } catch (CertificateException e2) {
            throw new RuntimeException(e2);
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String sm4EcbEncrypt(byte[] bArr, byte[] bArr2) {
        return Base64.getEncoder().encodeToString(cipher(SM4Util.ALGORITHM_NAME, 0, 0, 1, bArr, null, bArr2));
    }

    @Override // com.redshield.ebl.EblHsmEx
    public byte[] sm4EcbDecrypt(byte[] bArr, String str) {
        return cipher("sm4", 1, 0, 1, bArr, null, Base64.getDecoder().decode(str));
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String sm4CbcEncrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return Base64.getEncoder().encodeToString(cipher(SM4Util.ALGORITHM_NAME, 0, 1, 1, bArr, bArr2, bArr3));
    }

    @Override // com.redshield.ebl.EblHsmEx
    public byte[] sm4CbcDecrypt(byte[] bArr, byte[] bArr2, String str) {
        return cipher("sm4", 1, 1, 1, bArr, bArr2, Base64.getDecoder().decode(str));
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String hmac(byte[] bArr, String str, byte[] bArr2) {
        if (!str.equalsIgnoreCase("HmacSM3")) {
            throw new ServiceException(-1, "不支持的算法");
        }
        JceService jceService = null;
        long[] jArr = new long[1];
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                jceServiceImpl.symCipherImportKey(bArr, jArr);
                byte[] bArr3 = new byte[bArr2.length + 256];
                int[] iArr = {bArr3.length};
                int eblExternalHMAC = jceServiceImpl.eblExternalHMAC(ErrorCode.SGD_HMAC_SM3, jArr[0], bArr2, bArr3, iArr);
                if (eblExternalHMAC != 0) {
                    throw new SignatureException("error code " + String.format("0x%2X", Integer.valueOf(eblExternalHMAC)));
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr3, 0, iArr[0]));
                if (jArr[0] != 0) {
                    jceServiceImpl.destroyKey(jArr);
                }
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (jArr[0] != 0) {
                jceService.destroyKey(jArr);
            }
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String signDigest(int i, String str) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                checkPin(jceServiceImpl, i);
                EccSignature eccSignature = new EccSignature();
                int internalSignEcc = jceServiceImpl.internalSignEcc(i, Base64.getDecoder().decode(str), eccSignature);
                if (internalSignEcc != 0) {
                    throw new ServiceException(internalSignEcc, "签名结果异常");
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.addBytes(eccSignature.getR(), eccSignature.getS()));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String sign(int i, byte[] bArr) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                checkPin(jceServiceImpl, i);
                EccPublicKey eccPublicKey = new EccPublicKey();
                int exportEccPublicKey = jceServiceImpl.exportEccPublicKey(1, i, eccPublicKey);
                if (exportEccPublicKey != 0) {
                    throw new SignatureException("Signature SM3 ExportSignPublicKey error code:" + exportEccPublicKey);
                }
                byte[] bytes = "1234567812345678".getBytes();
                byte[] bArr2 = new byte[32];
                int[] iArr = {bArr2.length};
                int hash = jceServiceImpl.hash(1, eccPublicKey, bytes, bytes.length, bArr, bArr2, iArr);
                if (hash != 0) {
                    throw new SignatureException("Signature SM3 HASH error code:" + hash);
                }
                EccSignature eccSignature = new EccSignature();
                int internalSignEcc = jceServiceImpl.internalSignEcc(i, DCUtil.byteSub(bArr2, 0, iArr[0]), eccSignature);
                if (internalSignEcc != 0) {
                    throw new ServiceException(internalSignEcc, "签名结果异常");
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.addBytes(eccSignature.getR(), eccSignature.getS()));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public boolean verifySignDigest(String str, String str2, String str3) {
        JceServiceImpl jceServiceImpl = null;
        try {
            try {
                jceServiceImpl = new JceServiceImpl();
                boolean eccSignVerify = jceServiceImpl.eccSignVerify(Base64.getDecoder().decode(str3), CertificateUtil.buildX509Certificate(str).getPublicKey(), Base64.getDecoder().decode(str2));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return eccSignVerify;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (jceServiceImpl != null) {
                jceServiceImpl.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public boolean verifySignDigest(PublicKey publicKey, String str, String str2) {
        JceServiceImpl jceServiceImpl = null;
        try {
            try {
                jceServiceImpl = new JceServiceImpl();
                boolean eccSignVerify = jceServiceImpl.eccSignVerify(Base64.getDecoder().decode(str2), publicKey, Base64.getDecoder().decode(str));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return eccSignVerify;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (jceServiceImpl != null) {
                jceServiceImpl.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public boolean verifySign(String str, String str2, byte[] bArr) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                X509Certificate buildX509Certificate = CertificateUtil.buildX509Certificate(str);
                byte[] bytes = "1234567812345678".getBytes();
                byte[] bArr2 = new byte[32];
                int[] iArr = {bArr2.length};
                int hash = jceServiceImpl.hash(1, EccPublicKey.parsePubKey(buildX509Certificate.getPublicKey()), bytes, bytes.length, bArr, bArr2, iArr);
                if (hash != 0) {
                    throw new SignatureException("Signature SM3 HASH error code:" + hash);
                }
                boolean eccSignVerify = jceServiceImpl.eccSignVerify(DCUtil.byteSub(bArr2, 0, iArr[0]), buildX509Certificate.getPublicKey(), Base64.getDecoder().decode(str2));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return eccSignVerify;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public boolean verifySign(PublicKey publicKey, String str, byte[] bArr) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                byte[] bytes = "1234567812345678".getBytes();
                byte[] bArr2 = new byte[32];
                int[] iArr = {bArr2.length};
                int hash = jceServiceImpl.hash(1, EccPublicKey.parsePubKey(publicKey), bytes, bytes.length, bArr, bArr2, iArr);
                if (hash != 0) {
                    throw new SignatureException("Signature SM3 HASH error code:" + hash);
                }
                boolean eccSignVerify = jceServiceImpl.eccSignVerify(DCUtil.byteSub(bArr2, 0, iArr[0]), publicKey, Base64.getDecoder().decode(str));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return eccSignVerify;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String generateCSR(String str, int i) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                checkPin(jceServiceImpl, i);
                byte[] bArr = new byte[str.length() + RsaPublicKey.RSA_MAX_BITS];
                int[] iArr = {bArr.length};
                int generateCSR = jceServiceImpl.generateCSR(i, str.getBytes(), bArr, iArr);
                if (generateCSR != 0) {
                    throw new SignatureException("error code " + String.format("0x%2X", Integer.valueOf(generateCSR)));
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr, 0, iArr[0]));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String sealEnvelope(String str, String str2) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                byte[] addPkcs5Padding = addPkcs5Padding(Base64.getDecoder().decode(str2), 1);
                if (addPkcs5Padding == null) {
                    throw new SignatureException("padding error");
                }
                byte[] bArr = new byte[addPkcs5Padding.length + 256];
                int[] iArr = {bArr.length};
                int sealEnvelope = jceServiceImpl.sealEnvelope(ErrorCode.SGD_SM4_ECB, Base64.getDecoder().decode(str), addPkcs5Padding, bArr, iArr);
                if (sealEnvelope != 0) {
                    throw new SignatureException("error code " + String.format("0x%2X", Integer.valueOf(sealEnvelope)));
                }
                String encodeToString = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr, 0, iArr[0]));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }

    @Override // com.redshield.ebl.EblHsmEx
    public String openEnvelope(int i, String str) {
        JceService jceService = null;
        try {
            try {
                JceServiceImpl jceServiceImpl = new JceServiceImpl();
                byte[] decode = Base64.getDecoder().decode(str);
                byte[] bArr = new byte[decode.length];
                int[] iArr = {bArr.length};
                checkPin(jceServiceImpl, i);
                int openEnvelope = jceServiceImpl.openEnvelope(i, decode, bArr, iArr);
                if (openEnvelope != 0) {
                    throw new SignatureException("Error code " + String.format("0x%2X", Integer.valueOf(openEnvelope)));
                }
                byte[] byteSub = DCUtil.byteSub(bArr, 0, iArr[0]);
                if (isLastPkg(byteSub)) {
                    String encodeToString = Base64.getEncoder().encodeToString(removePkcs5Padding(byteSub));
                    if (jceServiceImpl != null) {
                        jceServiceImpl.closeSession();
                    }
                    return encodeToString;
                }
                String encodeToString2 = Base64.getEncoder().encodeToString(DCUtil.byteSub(bArr, 0, iArr[0]));
                if (jceServiceImpl != null) {
                    jceServiceImpl.closeSession();
                }
                return encodeToString2;
            } catch (Exception e) {
                throw new EblHsmException(e.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                jceService.closeSession();
            }
            throw th;
        }
    }
}
