package cn.com.syan.jcee.cm.impl;

import cn.com.syan.jcee.common.impl.InitializationFailedException;
import cn.com.syan.jcee.common.impl.SparkCipher;
import cn.com.syan.jcee.common.impl.SparkSignature;
import cn.com.syan.jcee.common.impl.asn1.SM2BCPrivateKey;
import cn.com.syan.jcee.common.impl.ecc.cipher.SM4SymmetricCipher;
import cn.com.syan.jcee.common.impl.key.PKCS5PBES2;
import cn.com.syan.jcee.common.impl.key.PublicKeyBuilder;
import cn.com.syan.jcee.common.impl.key.SM2BCPublicKey;
import cn.com.syan.jcee.common.impl.key.SparkECPrivateKey;
import cn.com.syan.jcee.common.impl.key.struct.EnvelopedRSAKeyBlob;
import cn.com.syan.jcee.common.impl.key.struct.EnvelopedSM2KeyBlob;
import cn.com.syan.jcee.common.impl.pkcs7.EnvelopedDataGenerator;
import cn.com.syan.jcee.common.impl.pkcs7.PKCS7Signature;
import cn.com.syan.jcee.common.impl.utils.PrivateKeyBuilder;
import cn.unitid.spark.cm.sdk.business.Algorithm;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Date;
import java.util.List;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.spongycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class d implements IPrivateKey {

    /* renamed from: a, reason: collision with root package name */
    private String f2666a;

    /* renamed from: b, reason: collision with root package name */
    private X509Certificate f2667b;
    private String c;
    private boolean d;
    private AlgorithmIdentifier e;
    private String f;
    private String g;
    private BCECPublicKey h;

    private d() {
        this.f2666a = null;
        this.d = false;
        this.f = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public d(PublicKey publicKey, String str, String str2) {
        this.f2666a = null;
        this.d = false;
        this.f = null;
        this.f2666a = str;
        this.c = e.a(publicKey);
        this.g = str2;
        if (publicKey.getAlgorithm().equals(Algorithm.RSA)) {
            this.f = Algorithm.RSA;
            this.e = IPrivateKey.SHA1WITHRSA;
        } else {
            this.f = Algorithm.SM2;
            this.e = IPrivateKey.SM3WITHSM2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public d(X509Certificate x509Certificate, String str, String str2) {
        this(x509Certificate.getPublicKey(), str, str2);
        this.f2667b = x509Certificate;
    }

    private PrivateKey a(String str) throws UnrecoverableKeyException, InvalidKeySpecException {
        try {
            byte[] decrypt = new PKCS5PBES2().decrypt(cn.com.syan.jcee.a.d.a(this.f2666a), str.toCharArray());
            if (this.f.equals(Algorithm.RSA)) {
                return PrivateKeyBuilder.buildPrivateKey(decrypt, BouncyCastleProvider.PROVIDER_NAME);
            }
            SparkECPrivateKey buildSparkECPrivateKey = PrivateKeyBuilder.buildSparkECPrivateKey(decrypt);
            this.h = buildSparkECPrivateKey.getECPublicKey();
            return buildSparkECPrivateKey.getECPrivateKey();
        } catch (Exception e) {
            throw new UnrecoverableKeyException(e.getMessage());
        }
    }

    private byte[] a(String str, Object obj, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        byte[] decrypt;
        int symmAlgID;
        SM2BCPublicKey sM2BCPublicKey;
        byte[] bArr;
        try {
            if (str.equals(Algorithm.SM2)) {
                EnvelopedSM2KeyBlob envelopedSM2KeyBlob = EnvelopedSM2KeyBlob.getInstance(obj);
                decrypt = decrypt(envelopedSM2KeyBlob.getWrappedKey().getEncoded(), str2);
                bArr = envelopedSM2KeyBlob.getEncryptedPrivateKey();
                int symmAlgID2 = envelopedSM2KeyBlob.getSymmAlgID();
                sM2BCPublicKey = envelopedSM2KeyBlob.getECPublicKey();
                symmAlgID = symmAlgID2;
            } else {
                EnvelopedRSAKeyBlob envelopedRSAKeyBlob = EnvelopedRSAKeyBlob.getInstance(obj);
                decrypt = decrypt(envelopedRSAKeyBlob.getWrappedKey(), str2);
                byte[] encryptedData = envelopedRSAKeyBlob.getEncryptedData();
                symmAlgID = envelopedRSAKeyBlob.getSymmAlgID();
                sM2BCPublicKey = null;
                bArr = encryptedData;
            }
            if (symmAlgID == 1025) {
                SM4SymmetricCipher sM4SymmetricCipher = SM4SymmetricCipher.getInstance(SM4SymmetricCipher.ECB_MODE);
                sM4SymmetricCipher.init(0, decrypt);
                sM4SymmetricCipher.update(bArr);
                return str.equals(Algorithm.SM2) ? new SM2BCPrivateKey(PrivateKeyBuilder.buildBCECPrivateKey(sM4SymmetricCipher.doFinal()), PublicKeyBuilder.buildBCECPublicKey(sM2BCPublicKey)).getEncoded() : sM4SymmetricCipher.doFinal();
            }
            throw new NoSuchAlgorithmException("No such algorithm with id: " + symmAlgID);
        } catch (InitializationFailedException e) {
            throw new cn.com.syan.jcee.cm.b.c("failed to decrypt " + str + " enveloped key blob, cause: " + e.getMessage());
        } catch (Exception e2) {
            throw new cn.com.syan.jcee.cm.b.c("fail to decrypt " + str + " enveloped key blob, cause: " + e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String a() {
        return this.f2666a;
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] decrypt(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        try {
            PrivateKey a2 = a(str);
            SparkCipher sparkCipher = this.f.equalsIgnoreCase(Algorithm.SM2) ? SparkCipher.getInstance(Algorithm.SM2) : SparkCipher.getInstance(SparkCipher.RSA_PKCS1PADDING);
            sparkCipher.init(2, a2);
            sparkCipher.update(bArr);
            return sparkCipher.doFinal();
        } catch (UnrecoverableKeyException e) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e);
        } catch (InvalidKeySpecException e2) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e2);
        } catch (Exception e3) {
            throw new cn.com.syan.jcee.cm.b.c("解密数据失败，错误原因：" + e3.getMessage(), e3);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] decryptEnvelopedPrivateKey(String str, ASN1Sequence aSN1Sequence, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        return a(str, aSN1Sequence, str2);
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] decryptEnvelopedPrivateKey(String str, byte[] bArr, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        try {
            return a(str, ASN1Sequence.getInstance(bArr), str2);
        } catch (Exception unused) {
            return a(str, bArr, str2);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] digestSign(byte[] bArr, String str, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c, SignatureException {
        try {
            PrivateKey a2 = a(str2);
            if (this.f.equals(Algorithm.RSA)) {
                throw new Exception("ras digest sign not support now");
            }
            SparkSignature sparkSignature = SparkSignature.getInstance("ECDSASM2withSM3");
            sparkSignature.initSign(a2);
            sparkSignature.update(bArr);
            return sparkSignature.digestSign();
        } catch (InvalidKeyException e) {
            throw new cn.com.syan.jcee.cm.b.b("failed to sign data", e);
        } catch (UnrecoverableKeyException e2) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e2);
        } catch (InvalidKeySpecException e3) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e3);
        } catch (Exception e4) {
            throw new cn.com.syan.jcee.cm.b.c(e4);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] encrypt(byte[] bArr, String str, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        SparkCipher sparkCipher;
        try {
            PrivateKey a2 = a(str);
            if (this.f.equalsIgnoreCase(Algorithm.SM2)) {
                sparkCipher = SparkCipher.getInstance(Algorithm.SM2);
            } else {
                if (str2 == null) {
                    str2 = SparkCipher.RSA_PKCS1PADDING;
                }
                sparkCipher = SparkCipher.getInstance(str2);
            }
            sparkCipher.init(1, a2);
            sparkCipher.update(bArr);
            return sparkCipher.doFinal();
        } catch (UnrecoverableKeyException e) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e);
        } catch (InvalidKeySpecException e2) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e2);
        } catch (Exception e3) {
            throw new cn.com.syan.jcee.cm.b.c("加密数据失败，错误原因：" + e3.getMessage(), e3);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] envelopeOpen(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        try {
            return new EnvelopedDataGenerator().envelopeOpen(bArr, a(str));
        } catch (UnrecoverableKeyException e) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e);
        } catch (InvalidKeySpecException e2) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e2);
        } catch (Exception e3) {
            throw new cn.com.syan.jcee.cm.b.c("解密数据失败，错误原因：" + e3.getMessage(), e3);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public String getAlgorithm() {
        return this.f;
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public AlgorithmIdentifier getAlgorithmIdentifier() {
        return this.e;
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public String getKeyID() {
        return this.c;
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public String getLastUpdateTime() {
        return this.g;
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public boolean hasPinUpdated() {
        return this.d;
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] pkcs7Sign(byte[] bArr, boolean z, String str, X509Certificate x509Certificate, List<X509Certificate> list) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c, SignatureException {
        try {
            PrivateKey a2 = a(str);
            PKCS7Signature pKCS7Signature = new PKCS7Signature();
            pKCS7Signature.initSign(a2);
            pKCS7Signature.addSigner(x509Certificate);
            pKCS7Signature.addCertificates(list);
            pKCS7Signature.update(bArr);
            return pKCS7Signature.sign();
        } catch (Exception e) {
            throw new SignatureException("failed to sign pkcs7, cause:" + e.getMessage());
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public byte[] sign(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.c {
        try {
            PrivateKey a2 = a(str);
            if (this.f.equals(Algorithm.RSA)) {
                SparkSignature sparkSignature = SparkSignature.getInstance("SHA1withRSA");
                sparkSignature.initSign(a2);
                sparkSignature.update(bArr);
                return sparkSignature.sign();
            }
            SparkSignature sparkSignature2 = SparkSignature.getInstance("ECDSASM2withSM3");
            sparkSignature2.initSign(a2);
            sparkSignature2.update(bArr);
            return sparkSignature2.sign(this.h);
        } catch (InvalidKeyException e) {
            throw new cn.com.syan.jcee.cm.b.b("failed to sign data", e);
        } catch (UnrecoverableKeyException e2) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e2);
        } catch (InvalidKeySpecException e3) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code", e3);
        } catch (Exception e4) {
            throw new cn.com.syan.jcee.cm.b.c(e4);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public void updatePin(String str, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c {
        try {
            PrivateKey a2 = a(str);
            PKCS5PBES2 pkcs5pbes2 = new PKCS5PBES2();
            this.d = true;
            if (getAlgorithm().equals(Algorithm.SM2)) {
                this.f2666a = cn.com.syan.jcee.a.d.a(pkcs5pbes2.encrypt(new SM2BCPrivateKey((BCECPrivateKey) a2, this.h).getEncoded(), str2.toCharArray()));
            } else {
                this.f2666a = cn.com.syan.jcee.a.d.a(pkcs5pbes2.encrypt(a2.getEncoded(), str2.toCharArray()));
            }
            this.g = c.a(new Date());
        } catch (UnrecoverableKeyException e) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code:" + str, e);
        } catch (InvalidKeySpecException e2) {
            throw new cn.com.syan.jcee.cm.b.b("wrong pin code:" + str, e2);
        } catch (Exception e3) {
            throw new cn.com.syan.jcee.cm.b.c("failed to update pin", e3);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.IPrivateKey
    public boolean verifyPin(String str) {
        try {
            a(str);
            return true;
        } catch (Exception unused) {
            return false;
        }
    }
}
