package cn.com.infosec.mobile.gm.tls;

import android.support.v4.media.a;
import cn.com.infosec.mobile.gm.tls.CipherSuite;
import cn.com.infosec.mobile.netcert.framework.crypto.impl.gm.SM4;
import com.alipay.mobile.common.transport.multimedia.DjgHttpUrlRequest;
import com.tencent.smtt.sdk.WebView;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.ShortBufferException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class CipherBox {
    public static final CipherBox NULL = new CipherBox();
    private static final Debug debug = Debug.getInstance("ssl");
    private int blockSize;
    private Cipher cipher;
    private final boolean isCBCMode;
    public byte[] iv;
    private SecureRandom ivRnd;
    private byte[] key;
    public byte[] nextIV;
    private final ProtocolVersion protocolVersion;

    private CipherBox() {
        this.ivRnd = new SecureRandom();
        this.protocolVersion = ProtocolVersion.DEFAULT;
        this.key = null;
        this.isCBCMode = false;
    }

    private CipherBox(ProtocolVersion protocolVersion, CipherSuite.BulkCipher bulkCipher, byte[] bArr, byte[] bArr2, boolean z10) throws NoSuchAlgorithmException {
        SecureRandom secureRandom = new SecureRandom();
        this.ivRnd = secureRandom;
        this.protocolVersion = protocolVersion;
        this.isCBCMode = bulkCipher.isCBCMode;
        this.key = bArr;
        this.iv = bArr2;
        this.blockSize = bulkCipher.keySize;
        byte[] bArr3 = new byte[bArr2.length];
        this.nextIV = bArr3;
        secureRandom.nextBytes(bArr3);
    }

    private static int addPadding(ByteBuffer byteBuffer, int i10) {
        int remaining = byteBuffer.remaining();
        int position = byteBuffer.position();
        int i11 = remaining + 1;
        if (i11 % i10 != 0) {
            int i12 = (i10 - 1) + i11;
            i11 = i12 - (i12 % i10);
        }
        byte b10 = (byte) (i11 - remaining);
        byteBuffer.limit(i11 + position);
        int i13 = 0;
        int i14 = position + remaining;
        while (i13 < b10) {
            byteBuffer.put(i14, (byte) (b10 - 1));
            i13++;
            i14++;
        }
        byteBuffer.position(i14);
        byteBuffer.limit(i14);
        return i11;
    }

    private static int addPadding(byte[] bArr, int i10, int i11, int i12) {
        int i13 = i11 + 1;
        if (i13 % i12 != 0) {
            int i14 = (i12 - 1) + i13;
            i13 = i14 - (i14 % i12);
        }
        byte b10 = (byte) (i13 - i11);
        if (bArr.length < i13 + i10) {
            throw new IllegalArgumentException("no space to pad buffer");
        }
        int i15 = 0;
        int i16 = i10 + i11;
        while (i15 < b10) {
            bArr[i16] = (byte) (b10 - 1);
            i15++;
            i16++;
        }
        return i13;
    }

    public static CipherBox newCipherBox(ProtocolVersion protocolVersion, CipherSuite.BulkCipher bulkCipher, byte[] bArr, byte[] bArr2, boolean z10) throws NoSuchAlgorithmException {
        if (bulkCipher.allowed) {
            return bulkCipher == CipherSuite.B_NULL ? NULL : new CipherBox(protocolVersion, bulkCipher, bArr, bArr2, z10);
        }
        throw new NoSuchAlgorithmException("Unsupported cipher " + bulkCipher);
    }

    private static int removePadding(ByteBuffer byteBuffer, int i10, ProtocolVersion protocolVersion) throws BadPaddingException {
        int remaining = byteBuffer.remaining();
        int position = byteBuffer.position();
        int i11 = (position + remaining) - 1;
        int i12 = byteBuffer.get(i11) & DjgHttpUrlRequest.INNER_BIZ_TYPE_UNKNOWN;
        int i13 = remaining - (i12 + 1);
        if (i13 < 0) {
            throw new BadPaddingException(a.h("Padding length invalid: ", i12));
        }
        if (protocolVersion.f4281v >= ProtocolVersion.TLS11.f4281v) {
            byteBuffer.put(i11, (byte) 0);
            for (int i14 = 1; i14 <= i12; i14++) {
                int i15 = byteBuffer.get(i11 - i14) & DjgHttpUrlRequest.INNER_BIZ_TYPE_UNKNOWN;
                if (i15 != i12) {
                    throw new BadPaddingException(a.h("Invalid TLS padding: ", i15));
                }
            }
        } else if (i12 > i10) {
            throw new BadPaddingException(a.h("Invalid SSLv3 padding: ", i12));
        }
        int i16 = position + i13;
        byteBuffer.position(i16);
        byteBuffer.limit(i16);
        return i13;
    }

    private static int removePadding(byte[] bArr, int i10, int i11, int i12, ProtocolVersion protocolVersion) throws BadPaddingException {
        int i13 = (i10 + i11) - 1;
        int i14 = bArr[i13] & WebView.NORMAL_MODE_ALPHA;
        int i15 = i11 - (i14 + 1);
        if (i15 < 0) {
            throw new BadPaddingException(a.h("Padding length invalid: ", i14));
        }
        if (protocolVersion.f4281v >= ProtocolVersion.TLS11.f4281v) {
            for (int i16 = 1; i16 <= i14; i16++) {
                int i17 = bArr[i13 - i16] & WebView.NORMAL_MODE_ALPHA;
                if (i17 != i14) {
                    throw new BadPaddingException(a.h("Invalid TLS padding: ", i17));
                }
            }
        } else if (i14 > i12) {
            throw new BadPaddingException(a.h("Invalid SSLv3 padding: ", i14));
        }
        return i15;
    }

    public int decrypt(ByteBuffer byteBuffer) throws BadPaddingException {
        int remaining = byteBuffer.remaining();
        if (this.cipher == null) {
            byteBuffer.position(byteBuffer.limit());
            return remaining;
        }
        try {
            int position = byteBuffer.position();
            int update = this.cipher.update(byteBuffer.duplicate(), byteBuffer);
            if (update != remaining) {
                throw new RuntimeException("Cipher buffering error in JCE provider " + this.cipher.getProvider().getName());
            }
            if (debug != null && Debug.isOn("plaintext")) {
                byteBuffer.position(position);
                try {
                    HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
                    System.out.println("Padded plaintext after DECRYPTION:  len = " + update);
                    hexDumpEncoder.encodeBuffer(byteBuffer, System.out);
                } catch (IOException unused) {
                }
            }
            if (this.blockSize == 0) {
                return update;
            }
            byteBuffer.position(position);
            return removePadding(byteBuffer, this.blockSize, this.protocolVersion);
        } catch (ShortBufferException e10) {
            RuntimeException runtimeException = new RuntimeException(e10.toString());
            runtimeException.initCause(e10);
            throw runtimeException;
        }
    }

    public int decrypt(byte[] bArr, int i10, int i11) throws BadPaddingException {
        if (this.key == null) {
            return i11;
        }
        byte[] bArr2 = new byte[i11];
        System.arraycopy(bArr, i10, bArr2, 0, i11);
        byte[] sm4_cbc_decrypt = SM4.sm4_cbc_decrypt(bArr2, this.key, this.iv);
        System.arraycopy(sm4_cbc_decrypt, 0, bArr, i10, sm4_cbc_decrypt.length);
        int length = sm4_cbc_decrypt.length;
        if (debug != null && Debug.isOn("plaintext")) {
            try {
                HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
                System.out.println("Padded plaintext after DECRYPTION:  len = " + sm4_cbc_decrypt.length);
                hexDumpEncoder.encodeBuffer(new ByteArrayInputStream(bArr, i10, sm4_cbc_decrypt.length), System.out);
            } catch (IOException unused) {
            }
        }
        int i12 = this.blockSize;
        return i12 != 0 ? removePadding(bArr, i10, length, i12, this.protocolVersion) : length;
    }

    public int encrypt(ByteBuffer byteBuffer) {
        int remaining = byteBuffer.remaining();
        if (this.cipher == null) {
            byteBuffer.position(byteBuffer.limit());
            return remaining;
        }
        try {
            int position = byteBuffer.position();
            int i10 = this.blockSize;
            if (i10 != 0) {
                remaining = addPadding(byteBuffer, i10);
                byteBuffer.position(position);
            }
            if (debug != null && Debug.isOn("plaintext")) {
                try {
                    HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
                    System.out.println("Padded plaintext before ENCRYPTION:  len = " + remaining);
                    hexDumpEncoder.encodeBuffer(byteBuffer, System.out);
                } catch (IOException unused) {
                }
                byteBuffer.position(position);
            }
            ByteBuffer duplicate = byteBuffer.duplicate();
            int update = this.cipher.update(duplicate, byteBuffer);
            if (byteBuffer.position() != duplicate.position()) {
                throw new RuntimeException("bytebuffer padding error");
            }
            if (update == remaining) {
                return update;
            }
            throw new RuntimeException("Cipher buffering error in JCE provider " + this.cipher.getProvider().getName());
        } catch (ShortBufferException e10) {
            RuntimeException runtimeException = new RuntimeException(e10.toString());
            runtimeException.initCause(e10);
            throw runtimeException;
        }
    }

    public int encrypt(byte[] bArr, int i10, int i11) {
        if (this.key == null) {
            return i11;
        }
        int i12 = this.blockSize;
        if (i12 != 0) {
            i11 = addPadding(bArr, i10, i11, i12);
        }
        if (debug != null && Debug.isOn("plaintext")) {
            try {
                HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
                System.out.println("Padded plaintext before ENCRYPTION:  len = " + i11);
                hexDumpEncoder.encodeBuffer(new ByteArrayInputStream(bArr, i10, i11), System.out);
            } catch (IOException unused) {
            }
        }
        byte[] bArr2 = new byte[i11];
        System.arraycopy(bArr, i10, bArr2, 0, i11);
        byte[] sm4_cbc_encrypt = SM4.sm4_cbc_encrypt(bArr2, this.key, this.iv);
        System.arraycopy(sm4_cbc_encrypt, 0, bArr, i10, sm4_cbc_encrypt.length);
        byte[] bArr3 = this.nextIV;
        this.iv = bArr3;
        this.ivRnd.nextBytes(bArr3);
        return sm4_cbc_encrypt.length;
    }

    public int getBlockSize() {
        return this.blockSize;
    }

    public boolean isCBCMode() {
        return this.isCBCMode;
    }
}
