package cn.com.jit.ida.util.pki.cipher.lib;

import cn.com.jit.ida.util.pki.ECDSAParser;
import cn.com.jit.ida.util.pki.EDDSAParser;
import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.PKIToolConfig;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1EncodableVector;
import cn.com.jit.ida.util.pki.asn1.ASN1InputStream;
import cn.com.jit.ida.util.pki.asn1.ASN1Sequence;
import cn.com.jit.ida.util.pki.asn1.BERSequence;
import cn.com.jit.ida.util.pki.asn1.DERBitString;
import cn.com.jit.ida.util.pki.asn1.DERNull;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.DEROctetString;
import cn.com.jit.ida.util.pki.asn1.DERSequence;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.x509.AlgorithmIdentifier;
import cn.com.jit.ida.util.pki.cipher.JCrypto;
import cn.com.jit.ida.util.pki.cipher.JHandle;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.JKeyPair;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Mechanisms;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.cipher.param.CBCParam;
import cn.com.jit.ida.util.pki.cipher.param.EnvkeyParam;
import cn.com.jit.ida.util.pki.cipher.param.GenKeyAttribute;
import cn.com.jit.ida.util.pki.cipher.softsm.SM2;
import cn.com.jit.ida.util.pki.cipher.softsm.Util;
import cn.com.jit.ida.util.pki.encoders.Hex;
import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

/* loaded from: classes.dex */
public class JHARDLib implements Session {
    private static final long AES_KEY_GEN = 4224;
    private static final String CKC_KEYTYPE_DSA_PRIVATEKEY = "8";
    private static final String CKC_KEYTYPE_DSA_PRIVATEKEYID = "128";
    private static final String CKC_KEYTYPE_DSA_PUBLICKEY = "4";
    private static final String CKC_KEYTYPE_DSA_PUBLICKEYID = "64";
    private static final String CKC_KEYTYPE_ECDSA_PRIVATEKEY = "257";
    private static final String CKC_KEYTYPE_ECDSA_PRIVATEKEYID = "259";
    private static final String CKC_KEYTYPE_ECDSA_PUBLICKEY = "256";
    private static final String CKC_KEYTYPE_ECDSA_PUBLICKEYID = "258";
    private static final String CKC_KEYTYPE_ED25519_PRIVATEKEY = "1282";
    private static final String CKC_KEYTYPE_ED25519_PRIVATEKEYID = "1284";
    private static final String CKC_KEYTYPE_ED25519_PUBLICKEY = "1281";
    private static final String CKC_KEYTYPE_ED25519_PUBLICKEYID = "1283";
    private static final String CKC_KEYTYPE_MASTERKEYID = "153";
    private static final String CKC_KEYTYPE_RSA_PRIVATEKEY = "2";
    private static final String CKC_KEYTYPE_RSA_PRIVATEKEYID = "32";
    private static final String CKC_KEYTYPE_RSA_PUBLICKEY = "1";
    private static final String CKC_KEYTYPE_RSA_PUBLICKEYID = "16";
    private static final String CKC_KEYTYPE_SM2_PRIVATEKEY = "-2147483391";
    private static final String CKC_KEYTYPE_SM2_PRIVATEKEYID = "-2147483389";
    private static final String CKC_KEYTYPE_SM2_PUBLICKEY = "-2147483392";
    private static final String CKC_KEYTYPE_SM2_PUBLICKEYID = "-2147483390";
    private static final String CKC_KEYTYPE_SYMMETRY = "145";
    private static final long CKM_AES_CBC = 4226;
    private static final long CKM_AES_CTR = 4230;
    private static final long CKM_AES_ECB = 4225;
    private static final long CKM_AES_XTS = -2147483380;
    private static final long CKM_ED25519_SIGN = 20485;
    private static final long CKM_RSA_RAW = -2130706431;
    private static final long CKM_SF33_CBC = -2147483598;
    private static final long CKM_SF33_ECB = -2147483599;
    private static final long CKM_SM4_CTR = -2147483382;
    private static final long CKM_SM4_XTS = -2147483381;
    private static final long DES3_CBC = 307;
    private static final long DES3_ECB = 306;
    private static final long DES3_KEY = 305;
    private static final long DES_CBC = 290;
    private static final long DES_ECB = 289;
    private static final long DES_KEY = 288;
    private static final long DSA = 16;
    private static final long DSA_SHA1 = 18;
    private static final long DSA_SHA224 = 19;
    private static final long DSA_SHA256 = 20;
    private static final long ECDSA = 4160;
    private static final long ECDSA_256K1 = -2147483135;
    private static final long ECDSA_256R1 = -2147483134;
    private static final long ECDSA_384R1 = -2147482878;
    private static final long ECDSA_SHA1 = 4162;
    private static final long ECDSA_SHA224 = 4163;
    private static final long ECDSA_SHA256 = 4164;
    private static final String JIT_CKR_ARGUMENTS_BAD = "7";
    private static final String JIT_CKR_ATTRIBUTE_READ_ONLY = "16";
    private static final String JIT_CKR_DATA_INVALID = "32";
    private static final String JIT_CKR_ENCRYPTED_DATA_INVALID = "64";
    private static final String JIT_CKR_FUNCTION_FAILED = "6";
    private static final String JIT_CKR_GENERAL_ERROR = "5";
    private static final String JIT_CKR_HOST_MEMORY = "2";
    private static final String JIT_CKR_NEED_TO_CREATE_THREADS = "9";
    private static final String JIT_CKR_NO_EVENT = "8";
    private static final String JIT_CKR_OK = "0";
    private static final String JIT_CKR_OPERATION_NOT_INITIALIZED = "145";
    private static final String JIT_CKR_SLOT_ID_INVALID = "3";
    private static final String JIT_CKR_USER_ALREADY_LOGGED_IN = "256";
    private static final String JIT_CKR_USER_NOT_LOGGED_IN = "257";
    private static final String JIT_CKR_USER_PIN_NOT_INITIALIZED = "258";
    private static final String JIT_CKR_USER_TYPE_INVALID = "259";
    private static final long MD2 = 512;
    private static final long MD2_HMAC = 513;
    private static final long MD5 = 528;
    private static final long MD5_HMAC = 529;
    private static final long MD5_RSA_PKCS = 5;
    public static final String PROVIDER = "HARDLIB";
    private static final long RC2_CBC = 258;
    private static final long RC2_ECB = 257;
    private static final long RC2_KEY = 256;
    private static final long RC4 = 273;
    private static final long RC4_KEY = 272;
    private static final long RSA = 0;
    private static final long RSA_PKCS = 1;
    private static final long SCB2_CBC = -2147483631;
    private static final long SCB2_ECB = -2147483632;
    private static final long SCB2_KEY_GEN = -2147483633;
    private static final long SF33_KEY_GEN = -2147483600;
    private static final long SHA1 = 544;
    private static final long SHA1_HMAC = 545;
    private static final long SHA1_RSAPSS_PKCS = 14;
    private static final long SHA1_RSA_PKCS = 6;
    private static final long SHA224 = 597;
    private static final long SHA224_RSAPSS_PKCS = 71;
    private static final long SHA224_RSA_PKCS = 70;
    private static final long SHA256 = 592;
    private static final long SHA256_RSAPSS_PKCS = 67;
    private static final long SHA256_RSA_PKCS = 64;
    private static final long SHA384 = 608;
    private static final long SHA384_RSAPSS_PKCS = 68;
    private static final long SHA384_RSA_PKCS = 65;
    private static final long SHA512 = 624;
    private static final long SHA512_RSAPSS_PKCS = 69;
    private static final long SHA512_RSA_PKCS = 66;
    private static final long SIGN_WITH_ECDSA_256K1 = -2147483133;
    private static final long SIGN_WITH_ECDSA_256R1 = -2147483132;
    private static final long SIGN_WITH_ECDSA_384R1 = -2147482876;
    private static final long SW_SM2 = -2147450879;
    private static final long SW_SM2_RAW = -2147450368;
    private static final long SW_SM3 = -2147483643;
    private static final long SW_SM3_SM2 = -2147450624;
    private static final long SW_SM4_CBC = -2147483383;
    private static final long SW_SM4_ECB = -2147483384;
    private static final long SW_SM4_KEY_GEN = -2147483385;
    private static final String JIT_CKR_CANT_LOCK = "10";
    private static final String JIT_CKR_ATTRIBUTE_SENSITIVE = "17";
    private static final String JIT_CKR_ATTRIBUTE_TYPE_INVALID = "18";
    private static final String JIT_CKR_ATTRIBUTE_VALUE_INVALID = "19";
    private static final String JIT_CKR_DATA_LEN_RANGE = "33";
    private static final String JIT_CKR_DEVICE_ERROR = "48";
    private static final String JIT_CKR_DEVICE_MEMORY = "49";
    private static final String JIT_CKR_DEVICE_REMOVED = "50";
    private static final String JIT_CKR_ENCRYPTED_DATA_LEN_RANGE = "65";
    private static final String JIT_CKR_FUNCTION_CANCELED = "80";
    private static final String JIT_CKR_FUNCTION_NOT_PARALLEL = "81";
    private static final String JIT_CKR_FUNCTION_NOT_SUPPORTED = "84";
    private static final String JIT_CKR_KEY_HANDLE_INVALID = "96";
    private static final String JIT_CKR_KEY_SIZE_RANGE = "98";
    private static final String JIT_CKR_KEY_TYPE_INCONSISTENT = "99";
    private static final String JIT_CKR_KEY_NOT_NEEDED = "100";
    private static final String JIT_CKR_KEY_CHANGED = "101";
    private static final String JIT_CKR_KEY_NEEDED = "102";
    private static final String JIT_CKR_KEY_INDIGESTIBLE = "103";
    private static final String JIT_CKR_KEY_FUNCTION_NOT_PERMITTED = " 104";
    private static final String JIT_CKR_KEY_NOT_WRAPPABLE = "105";
    private static final String JIT_CKR_KEY_UNEXTRACTABLE = "106";
    private static final String JIT_CKR_MECHANISM_INVALID = "112";
    private static final String JIT_CKR_MECHANISM_PARAM_INVALID = "113";
    private static final String JIT_CKR_OBJECT_HANDLE_INVALID = "130";
    private static final String JIT_CKR_OPERATION_ACTIVE = "144";
    private static final String JIT_CKR_PIN_INCORRECT = "160";
    private static final String JIT_CKR_PIN_INVALID = "161";
    private static final String JIT_CKR_PIN_LEN_RANGE = "162";
    private static final String JIT_CKR_PIN_EXPIRED = "163";
    private static final String JIT_CKR_PIN_LOCKED = "164";
    private static final String JIT_CKR_SESSION_CLOSED = "176";
    private static final String JIT_CKR_SESSION_COUNT = "177";
    private static final String JIT_CKR_SESSION_HANDLE_INVALID = "179";
    private static final String JIT_CKR_SESSION_PARALLEL_NOT_SUPPORTED = "180";
    private static final String JIT_CKR_SESSION_READ_ONLY = "181";
    private static final String JIT_CKR_SESSION_EXISTS = "182";
    private static final String JIT_CKR_SESSION_READ_ONLY_EXISTS = "183";
    private static final String JIT_CKR_SESSION_READ_WRITE_SO_EXISTS = "184";
    private static final String JIT_CKR_SIGNATURE_INVALID = "192";
    private static final String JIT_CKR_SIGNATURE_LEN_RANGE = "193";
    private static final String JIT_CKR_TEMPLATE_INCOMPLETE = "208";
    private static final String JIT_CKR_TEMPLATE_INCONSISTENT = "209";
    private static final String JIT_CKR_TOKEN_NOT_PRESENT = "224";
    private static final String JIT_CKR_TOKEN_NOT_RECOGNIZED = "225";
    private static final String JIT_CKR_TOKEN_WRITE_PROTECTED = "226";
    private static final String JIT_CKR_UNWRAPPING_KEY_HANDLE_INVALID = "240";
    private static final String JIT_CKR_UNWRAPPING_KEY_SIZE_RANGE = "241";
    private static final String JIT_CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT = "242";
    private static final String JIT_CKR_USER_ANOTHER_ALREADY_LOGGED_IN = " 260";
    private static final String JIT_CKR_USER_TOO_MANY_TYPES = "261";
    private static final String JIT_CKR_WRAPPED_KEY_INVALID = "272";
    private static final String JIT_CKR_WRAPPED_KEY_LEN_RANGE = "274";
    private static final String JIT_CKR_WRAPPING_KEY_HANDLE_INVALID = "275";
    private static final String JIT_CKR_WRAPPING_KEY_SIZE_RANGE = "276";
    private static final String JIT_CKR_WRAPPING_KEY_TYPE_INCONSISTENT = "277";
    private static final String JIT_CKR_RANDOM_SEED_NOT_SUPPORTED = "288";
    private static final String JIT_CKR_RANDOM_NO_RNG = "289";
    private static final String JIT_CKR_DOMAIN_PARAMS_INVALID = "304";
    private static final String JIT_CKR_BUFFER_TOO_SMALL = "336";
    private static final String JIT_CKR_SAVED_STATE_INVALID = "352";
    private static final String JIT_CKR_INFORMATION_SENSITIVE = "368";
    private static final String JIT_CKR_STATE_UNSAVEABLE = "384";
    private static final String JIT_CKR_CRYPTOKI_NOT_INITIALIZED = "400";
    private static final String JIT_CKR_CRYPTOKI_ALREADY_INITIALIZED = "401";
    private static final String JIT_CKR_MUTEX_BAD = "416";
    private static final String JIT_CKR_MUTEX_NOT_LOCKED = "417";
    private static final String JIT_PARSE_FAIL = "4096";
    private static final String JIT_CKR_OUTOFMEMORY = "4097";
    private static final String JIT_CKR_MEMORYNOTNULL = "4098";
    private static final String JIT_CKR_NOTSUPPORT = "4099";
    private static final String JIT_LOADLIBRARY_FAIL = "4353";
    private static final String JIT_GEFUNCTIONLIST_FAIL = "4354";
    private static final String JIT_HANDLE_NULL = "4609";
    private static final String JIT_FUNCTIONLISTPTR_NULL = "4610";
    private static final String JIT_ENCRYPTLENGTH_NULL = "4611";
    private static final String JIT_DECRYPTLENGTH_NULL = "4612";
    private static final String JIT_CUSTOM_PRIVATEKEY_ERR = "4865";
    private static final String JIT_CUSTOM_PUBLICKEY_ERR = "4866";
    private static final String JIT_CUSTOM_LENGTH_INVALID = "5121";
    private static final String JIT_KEYTYPE_INVALID = "5122";
    private static final String JIT_KEYLENGTHE_INVALID = "5123";
    private static final String JIT_MECHANISM_INVALID = "5124";
    private static final String JIT_GETUNEXPORTPUBLICKEY_FAIL = "5377";
    private static final String JIT_GETUNEXPORTPRIVATEKEY_FAIL = "5378";
    private static final String JIT_GETMASTERKEY_FAIL = "5379";
    private static final String JIT_GETKEYLENGTH_FAIL = "5380";
    private static final String JIT_GETKEY_FAIL = "5381";
    private static final String JIT_GETPUBLICKEY_FAIL = "5382";
    private static final String JIT_GETPRIVATEKEY_FAIL = "5383";
    private static final String JIT_GETCERT_FAIL = "5384";
    private static final String JIT_CREATEPRIVATEKEY_FAIL = "5385";
    private static final String JIT_ENCRYPTINIT_FAIL = "5386";
    private static final String JIT_ENCRYPTUPDATE_FAIL = "5403";
    private static final String JIT_ENCRYPTFINAL_FAIL = "5404";
    private static final String JIT_DECRYPTINIT_FAIL = "5405";
    private static final String JIT_DECRYPTUPDATE_FAIL = "5406";
    private static final String JIT_DECRYPTFINAL_FAIL = "5407";
    private static final String[][] hardException = {new String[]{"0", "successful"}, new String[]{"2", "memory error"}, new String[]{"3", "SLOT_ID_INVALID"}, new String[]{"5", "GENERAL_ERROR"}, new String[]{"6", "FUNCTION_FAILED"}, new String[]{"7", "ARGUMENTS_BAD"}, new String[]{"8", "NO_EVENT"}, new String[]{"9", "NEED_TO_CREATE_THREADS"}, new String[]{JIT_CKR_CANT_LOCK, "CANT_LOCK"}, new String[]{"16", "ATTRIBUTE_READ_ONLY"}, new String[]{JIT_CKR_ATTRIBUTE_SENSITIVE, "ATTRIBUTE_SENSITIVE"}, new String[]{JIT_CKR_ATTRIBUTE_TYPE_INVALID, "ATTRIBUTE_TYPE_INVALID"}, new String[]{JIT_CKR_ATTRIBUTE_VALUE_INVALID, "ATTRIBUTE_VALUE_INVALID"}, new String[]{"32", "DATA_INVALID"}, new String[]{JIT_CKR_DATA_LEN_RANGE, "DATA_LEN_RANGE"}, new String[]{JIT_CKR_DEVICE_ERROR, "DEVICE_ERROR"}, new String[]{JIT_CKR_DEVICE_MEMORY, "DEVICE_MEMORY_ERROR"}, new String[]{JIT_CKR_DEVICE_REMOVED, "DEVICE_REMOVED"}, new String[]{"64", "ENCRYPTED_DATA_INVALID"}, new String[]{JIT_CKR_ENCRYPTED_DATA_LEN_RANGE, "ENCRYPTED_DATA_LEN_RANGE"}, new String[]{JIT_CKR_FUNCTION_CANCELED, "FUNCTION_CANCELED"}, new String[]{JIT_CKR_FUNCTION_NOT_PARALLEL, "FUNCTION_NOT_PARALLEL"}, new String[]{JIT_CKR_FUNCTION_NOT_SUPPORTED, "FUNCTION_NOT_SUPPORTED"}, new String[]{JIT_CKR_KEY_HANDLE_INVALID, "KEY_HANDLE_INVALID"}, new String[]{JIT_CKR_KEY_SIZE_RANGE, "KEY_SIZE_RANGE"}, new String[]{JIT_CKR_KEY_TYPE_INCONSISTENT, "KEY_TYPE_INCONSISTENT"}, new String[]{JIT_CKR_KEY_NOT_NEEDED, "KEY_NOT_NEEDED"}, new String[]{JIT_CKR_KEY_CHANGED, "KEY_CHANGED"}, new String[]{JIT_CKR_KEY_NEEDED, "KEY_NEEDED"}, new String[]{JIT_CKR_KEY_INDIGESTIBLE, "KEY_INDIGESTIBLE"}, new String[]{JIT_CKR_KEY_FUNCTION_NOT_PERMITTED, "FUNCTION_NOT_PERMITTED"}, new String[]{JIT_CKR_KEY_NOT_WRAPPABLE, "KEY_NOT_WRAPPABLE"}, new String[]{JIT_CKR_KEY_UNEXTRACTABLE, "KEY_UNEXTRACTABLE"}, new String[]{JIT_CKR_MECHANISM_INVALID, "MECHANISM_INVALID"}, new String[]{JIT_CKR_MECHANISM_PARAM_INVALID, "MECHANISM_PARAM_INVALID"}, new String[]{JIT_CKR_OBJECT_HANDLE_INVALID, "OBJECT_HANDLE_INVALID"}, new String[]{JIT_CKR_OPERATION_ACTIVE, "OPERATION_ACTIVE"}, new String[]{"145", "OPERATION_NOT_INITIALIZED"}, new String[]{JIT_CKR_PIN_INCORRECT, "PIN_INCORRECT"}, new String[]{JIT_CKR_PIN_INVALID, "PIN_INVALID"}, new String[]{JIT_CKR_PIN_LEN_RANGE, "PIN_LEN_RANGE"}, new String[]{JIT_CKR_PIN_EXPIRED, "PIN_EXPIRED"}, new String[]{JIT_CKR_PIN_LOCKED, "PIN_LOCKED"}, new String[]{JIT_CKR_SESSION_CLOSED, "SESSION_CLOSED"}, new String[]{JIT_CKR_SESSION_COUNT, "SESSION_COUNT"}, new String[]{JIT_CKR_SESSION_HANDLE_INVALID, "SESSION_HANDLE_INVALID"}, new String[]{JIT_CKR_SESSION_PARALLEL_NOT_SUPPORTED, "SESSION_PARALLEL_NOT_SUPPORTED"}, new String[]{JIT_CKR_SESSION_READ_ONLY, "SESSION_READ_ONLY"}, new String[]{JIT_CKR_SESSION_EXISTS, "SESSION_EXISTS"}, new String[]{JIT_CKR_SESSION_READ_ONLY_EXISTS, "SESSION_READ_ONLY_EXISTS"}, new String[]{JIT_CKR_SESSION_READ_WRITE_SO_EXISTS, "SESSION_READ_WRITE_SO_EXISTS"}, new String[]{JIT_CKR_SIGNATURE_INVALID, "SIGNATURE_INVALID"}, new String[]{JIT_CKR_SIGNATURE_LEN_RANGE, "SIGNATURE_LEN_RANGE"}, new String[]{JIT_CKR_TEMPLATE_INCOMPLETE, "TEMPLATE_INCOMPLETE"}, new String[]{JIT_CKR_TEMPLATE_INCONSISTENT, "TEMPLATE_INCONSISTENT"}, new String[]{JIT_CKR_TOKEN_NOT_PRESENT, "TOKEN_NOT_PRESENT"}, new String[]{JIT_CKR_TOKEN_NOT_RECOGNIZED, "TOKEN_NOT_RECOGNIZED"}, new String[]{JIT_CKR_TOKEN_WRITE_PROTECTED, "TOKEN_WRITE_PROTECTED"}, new String[]{JIT_CKR_UNWRAPPING_KEY_HANDLE_INVALID, "UNWRAPPING_KEY_HANDLE_INVALID"}, new String[]{JIT_CKR_UNWRAPPING_KEY_SIZE_RANGE, "UNWRAPPING_KEY_SIZE_RANGE"}, new String[]{JIT_CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, "UNWRAPPING_KEY_TYPE_INCONSISTENT"}, new String[]{"256", "USER_ALREADY_LOGGED_IN"}, new String[]{"257", "USER_NOT_LOGGED_IN"}, new String[]{"258", "USER_PIN_NOT_INITIALIZED"}, new String[]{"259", "USER_TYPE_INVALID"}, new String[]{JIT_CKR_USER_ANOTHER_ALREADY_LOGGED_IN, "USER_ANOTHER_ALREADY_LOGGED_IN"}, new String[]{JIT_CKR_USER_TOO_MANY_TYPES, "USER_TOO_MANY_TYPES"}, new String[]{JIT_CKR_WRAPPED_KEY_INVALID, "WRAPPED_KEY_INVALID"}, new String[]{JIT_CKR_WRAPPED_KEY_LEN_RANGE, "WRAPPED_KEY_LEN_RANGE"}, new String[]{JIT_CKR_WRAPPING_KEY_HANDLE_INVALID, "WRAPPING_KEY_HANDLE_INVALID"}, new String[]{JIT_CKR_WRAPPING_KEY_SIZE_RANGE, "WRAPPING_KEY_SIZE_RANGE"}, new String[]{JIT_CKR_WRAPPING_KEY_TYPE_INCONSISTENT, "WRAPPING_KEY_TYPE_INCONSISTENT"}, new String[]{JIT_CKR_RANDOM_SEED_NOT_SUPPORTED, "RANDOM_SEED_NOT_SUPPORTED"}, new String[]{JIT_CKR_RANDOM_NO_RNG, "RANDOM_NO_RNG"}, new String[]{JIT_CKR_DOMAIN_PARAMS_INVALID, "DOMAIN_PARAMS_INVALID"}, new String[]{JIT_CKR_BUFFER_TOO_SMALL, "BUFFER_TOO_SMALL"}, new String[]{JIT_CKR_SAVED_STATE_INVALID, "SAVED_STATE_INVALID"}, new String[]{JIT_CKR_INFORMATION_SENSITIVE, "INFORMATION_SENSITIVE"}, new String[]{JIT_CKR_STATE_UNSAVEABLE, "STATE_UNSAVEABLE"}, new String[]{JIT_CKR_CRYPTOKI_NOT_INITIALIZED, "CRYPTOKI_NOT_INITIALIZED"}, new String[]{JIT_CKR_CRYPTOKI_ALREADY_INITIALIZED, "CRYPTOKI_ALREADY_INITIALIZED"}, new String[]{JIT_CKR_MUTEX_BAD, "MUTEX_BAD"}, new String[]{JIT_CKR_MUTEX_NOT_LOCKED, "MUTEX_NOT_LOCKED"}, new String[]{JIT_PARSE_FAIL, "PARSE_FAIL"}, new String[]{JIT_CKR_OUTOFMEMORY, "OUTOFMEMORY"}, new String[]{JIT_CKR_MEMORYNOTNULL, "MEMORYNOTNULL"}, new String[]{JIT_CKR_NOTSUPPORT, "NOTSUPPORT"}, new String[]{JIT_LOADLIBRARY_FAIL, "LOADLIBRARY_FAIL"}, new String[]{JIT_GEFUNCTIONLIST_FAIL, "GEFUNCTIONLIST_FAIL"}, new String[]{JIT_HANDLE_NULL, "HANDLE_NULL"}, new String[]{JIT_FUNCTIONLISTPTR_NULL, "FUNCTIONLISTPTR_NULL"}, new String[]{JIT_ENCRYPTLENGTH_NULL, "ENCRYPTLENGTH_NULL"}, new String[]{JIT_DECRYPTLENGTH_NULL, "DECRYPTLENGTH_NULL"}, new String[]{JIT_CUSTOM_PRIVATEKEY_ERR, "CUSTOM_PRIVATEKEY_ERR"}, new String[]{JIT_CUSTOM_PUBLICKEY_ERR, "CUSTOM_PUBLICKEY_ERR"}, new String[]{JIT_CUSTOM_LENGTH_INVALID, "CUSTOM_LENGTH_INVALID"}, new String[]{JIT_KEYTYPE_INVALID, "KEYTYPE_INVALID"}, new String[]{JIT_KEYLENGTHE_INVALID, "KEYLENGTHE_INVALID"}, new String[]{JIT_MECHANISM_INVALID, "MECHANISM_INVALID"}, new String[]{JIT_GETUNEXPORTPUBLICKEY_FAIL, "GETUNEXPORTPUBLICKEY_FAIL"}, new String[]{JIT_GETUNEXPORTPRIVATEKEY_FAIL, "GETUNEXPORTPRIVATEKEY_FAIL"}, new String[]{JIT_GETMASTERKEY_FAIL, "GETMASTERKEY_FAIL"}, new String[]{JIT_GETKEYLENGTH_FAIL, "GETKEYLENGTH_FAIL"}, new String[]{JIT_GETKEY_FAIL, "GETKEY_FAIL"}, new String[]{JIT_GETPUBLICKEY_FAIL, "GETPUBLICKEY_FAIL"}, new String[]{JIT_GETPRIVATEKEY_FAIL, "GETPRIVATEKEY_FAIL"}, new String[]{JIT_GETCERT_FAIL, "GETCERT_FAIL"}, new String[]{JIT_CREATEPRIVATEKEY_FAIL, "CREATEPRIVATEKEY_FAIL"}, new String[]{JIT_ENCRYPTINIT_FAIL, "ENCRYPTINIT_FAIL"}, new String[]{JIT_ENCRYPTUPDATE_FAIL, "ENCRYPTUPDATE_FAIL"}, new String[]{JIT_ENCRYPTFINAL_FAIL, "ENCRYPTFINAL_FAIL"}, new String[]{JIT_DECRYPTINIT_FAIL, "DECRYPTINIT_FAIL"}, new String[]{JIT_DECRYPTUPDATE_FAIL, "DECRYPTUPDATE_FAIL"}, new String[]{JIT_DECRYPTFINAL_FAIL, "DECRYPTFINAL_FAIL"}};
    private boolean isInit = false;
    private PKIToolConfig CfgTag = null;
    private String tag = "PKITOOL";

    public JHARDLib() {
        try {
            System.loadLibrary("SessionDll");
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    private native int DestroyKeyPair(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] DigestFinal(long j, byte[] bArr);

    private native byte[] DigestInit(long j, byte[] bArr, byte[] bArr2);

    private native int DigestUpdate(long j, byte[] bArr, byte[] bArr2);

    private String JNIToJavaKeyType(String str) {
        if (str.equalsIgnoreCase("145")) {
            return new String("SYMMETRY");
        }
        if (str.equalsIgnoreCase("1")) {
            return new String("RSA_Public");
        }
        if (str.equalsIgnoreCase("2")) {
            return new String(JKey.RSA_PRV_KEY);
        }
        if (str.equalsIgnoreCase("16")) {
            return new String(JKey.RSA_PUB_KEY_ID);
        }
        if (str.equalsIgnoreCase("32")) {
            return new String(JKey.RSA_PRV_KEY_ID);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_MASTERKEYID)) {
            return new String("MASTERKEY");
        }
        if (str.equalsIgnoreCase("256")) {
            return new String(JKey.ECDSA_PUB_KEY);
        }
        if (str.equalsIgnoreCase("258")) {
            return new String(JKey.ECDSA_PUB_KEY_ID);
        }
        if (str.equalsIgnoreCase("257")) {
            return new String(JKey.ECDSA_PRV_KEY);
        }
        if (str.equalsIgnoreCase("259")) {
            return new String(JKey.ECDSA_PRV_KEY_ID);
        }
        if (str.equalsIgnoreCase("4")) {
            return new String(JKey.DSA_PUB_KEY);
        }
        if (str.equalsIgnoreCase("64")) {
            return new String(JKey.DSA_PUB_KEY_ID);
        }
        if (str.equalsIgnoreCase("8")) {
            return new String(JKey.DSA_PRV_KEY);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_DSA_PRIVATEKEYID)) {
            return new String(JKey.DSA_PRV_KEY_ID);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_SM2_PUBLICKEY)) {
            return new String("SM2_Public");
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_SM2_PUBLICKEYID)) {
            return new String(JKey.SM2_PUB_KEY_ID);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_SM2_PRIVATEKEY)) {
            return new String(JKey.SM2_PRV_KEY);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_SM2_PRIVATEKEYID)) {
            return new String(JKey.SM2_PRV_KEY_ID);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_ED25519_PRIVATEKEY)) {
            return new String(JKey.ED25519_PRV_KEY);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_ED25519_PRIVATEKEYID)) {
            return new String(JKey.ED25519_PRV_KEY_ID);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_ED25519_PUBLICKEY)) {
            return new String(JKey.ED25519_PUB_KEY);
        }
        if (str.equalsIgnoreCase(CKC_KEYTYPE_ED25519_PUBLICKEY)) {
            return new String(JKey.ED25519_PUB_KEY_ID);
        }
        throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.NOT_SUP_DES);
    }

    private int JavaToJNIKeyType(String str) {
        if (!str.equalsIgnoreCase("SYMMETRY") && !str.equalsIgnoreCase("DES") && !str.equalsIgnoreCase("DESede") && !str.equalsIgnoreCase("AES") && !str.equalsIgnoreCase("SCB2") && !str.equalsIgnoreCase("SF33") && !str.equalsIgnoreCase("SM4")) {
            if (str.equalsIgnoreCase("RSA_Public")) {
                return Integer.parseInt("1");
            }
            if (str.equalsIgnoreCase(JKey.RSA_PRV_KEY)) {
                return Integer.parseInt("2");
            }
            if (str.equalsIgnoreCase(JKey.RSA_PUB_KEY_ID)) {
                return Integer.parseInt("16");
            }
            if (str.equalsIgnoreCase(JKey.RSA_PRV_KEY_ID)) {
                return Integer.parseInt("32");
            }
            if (str.equalsIgnoreCase("MASTERKEY")) {
                return Integer.parseInt(CKC_KEYTYPE_MASTERKEYID);
            }
            if (str.equalsIgnoreCase(JKey.ECDSA_PRV_KEY)) {
                return Integer.parseInt("257");
            }
            if (str.equalsIgnoreCase(JKey.ECDSA_PRV_KEY_ID)) {
                return Integer.parseInt("259");
            }
            if (str.equalsIgnoreCase(JKey.ECDSA_PUB_KEY) || str.equalsIgnoreCase(JKey.ECDSA_SECP_PUB_KEY) || str.equalsIgnoreCase(JKey.ECIES_PUB_KEY)) {
                return Integer.parseInt("256");
            }
            if (str.equalsIgnoreCase(JKey.ECDSA_PUB_KEY_ID) || str.equalsIgnoreCase(JKey.ECIES_PUB_KEY_ID)) {
                return Integer.parseInt("258");
            }
            if (str.equalsIgnoreCase(JKey.DSA_PRV_KEY)) {
                return Integer.parseInt("8");
            }
            if (str.equalsIgnoreCase(JKey.DSA_PRV_KEY_ID)) {
                return Integer.parseInt(CKC_KEYTYPE_DSA_PRIVATEKEYID);
            }
            if (str.equalsIgnoreCase(JKey.DSA_PUB_KEY)) {
                return Integer.parseInt("4");
            }
            if (str.equalsIgnoreCase(JKey.DSA_PUB_KEY_ID)) {
                return Integer.parseInt("64");
            }
            if (str.equalsIgnoreCase(JKey.SM2_PRV_KEY)) {
                return Integer.parseInt(CKC_KEYTYPE_SM2_PRIVATEKEY);
            }
            if (str.equalsIgnoreCase(JKey.SM2_PRV_KEY_ID)) {
                return Integer.parseInt(CKC_KEYTYPE_SM2_PRIVATEKEYID);
            }
            if (str.equalsIgnoreCase("SM2_Public")) {
                return Integer.parseInt(CKC_KEYTYPE_SM2_PUBLICKEY);
            }
            if (str.equalsIgnoreCase(JKey.SM2_PUB_KEY_ID)) {
                return Integer.parseInt(CKC_KEYTYPE_SM2_PUBLICKEYID);
            }
            if (str.equalsIgnoreCase(JKey.ED25519_PRV_KEY)) {
                return Integer.parseInt(CKC_KEYTYPE_ED25519_PRIVATEKEY);
            }
            if (str.equalsIgnoreCase(JKey.ED25519_PRV_KEY_ID)) {
                return Integer.parseInt(CKC_KEYTYPE_ED25519_PRIVATEKEYID);
            }
            if (str.equalsIgnoreCase(JKey.ED25519_PUB_KEY)) {
                return Integer.parseInt(CKC_KEYTYPE_ED25519_PUBLICKEY);
            }
            if (str.equalsIgnoreCase(JKey.ED25519_PUB_KEY_ID)) {
                return Integer.parseInt(CKC_KEYTYPE_ED25519_PUBLICKEYID);
            }
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.NOT_SUP_DES);
        }
        return Integer.parseInt("145");
    }

    private long JavaToJNIMechanismType(String str) {
        if (str.equals("RSA")) {
            return 0L;
        }
        if (str.equals(Mechanism.RSA_PKCS)) {
            return 1L;
        }
        if (str.equals(Mechanism.ECDSA)) {
            return ECDSA;
        }
        if (str.equals("SHA1withECDSA")) {
            return ECDSA_SHA1;
        }
        if (str.equalsIgnoreCase(Mechanism.DSA)) {
            return 16L;
        }
        if (str.equals(Mechanism.MD2)) {
            return 512L;
        }
        if (str.equals("MD5")) {
            return MD5;
        }
        if (str.equals("MD5withRSAEncryption")) {
            return 5L;
        }
        if (str.equals("SHA1")) {
            return SHA1;
        }
        if (str.equals("SHA1withRSAEncryption")) {
            return 6L;
        }
        if (str.equals("DES")) {
            return DES_KEY;
        }
        if (str.equals(Mechanism.DES_ECB)) {
            return DES_ECB;
        }
        if (str.equals(Mechanism.DES_CBC)) {
            return DES_CBC;
        }
        if (str.equals("DESede")) {
            return DES3_KEY;
        }
        if (str.equals(Mechanism.DES3_ECB)) {
            return DES3_ECB;
        }
        if (str.equals(Mechanism.DES3_CBC)) {
            return DES3_CBC;
        }
        if (str.equals("RC2")) {
            return 256L;
        }
        if (str.equals(Mechanism.RC2_ECB)) {
            return RC2_ECB;
        }
        if (str.equals(Mechanism.RC2_CBC)) {
            return RC2_CBC;
        }
        if (str.equals("RC4")) {
            return RC4_KEY;
        }
        if (str.equals("RC4")) {
            return RC4;
        }
        if (str.equals("SF33")) {
            return SF33_KEY_GEN;
        }
        if (str.equals(Mechanism.SF33_ECB)) {
            return CKM_SF33_ECB;
        }
        if (str.equals("SCB2")) {
            return SCB2_KEY_GEN;
        }
        if (str.equals("SCB2_CBC")) {
            return SCB2_CBC;
        }
        if (str.equals("SCB2_ECB")) {
            return SCB2_ECB;
        }
        if (str.equals(Mechanism.RAW)) {
            return CKM_RSA_RAW;
        }
        if (str.equals(Mechanism.SHA224)) {
            return SHA224;
        }
        if (str.equals("SHA256")) {
            return SHA256;
        }
        if (str.equals(Mechanism.SHA384)) {
            return SHA384;
        }
        if (str.equals("SHA512")) {
            return SHA512;
        }
        if (str.equals("SHA224withRSAEncryption")) {
            return SHA224_RSA_PKCS;
        }
        if (str.equals("SHA256withRSAEncryption")) {
            return 64L;
        }
        if (str.equals("SHA384withRSAEncryption")) {
            return SHA384_RSA_PKCS;
        }
        if (str.equals("SHA512withRSAEncryption")) {
            return SHA512_RSA_PKCS;
        }
        if (str.equals(Mechanism.SHA1_RSA_PSS)) {
            return SHA1_RSAPSS_PKCS;
        }
        if (str.equals(Mechanism.SHA224_RSA_PSS)) {
            return SHA224_RSAPSS_PKCS;
        }
        if (str.equals(Mechanism.SHA256_RSA_PSS)) {
            return SHA256_RSAPSS_PKCS;
        }
        if (str.equals(Mechanism.SHA384_RSA_PSS)) {
            return SHA384_RSAPSS_PKCS;
        }
        if (str.equals(Mechanism.SHA512_RSA_PSS)) {
            return SHA512_RSAPSS_PKCS;
        }
        if (str.equals("SHA1withDSA")) {
            return DSA_SHA1;
        }
        if (str.equals(Mechanism.SHA224_DSA)) {
            return DSA_SHA224;
        }
        if (str.equals(Mechanism.SHA256_DSA)) {
            return DSA_SHA256;
        }
        if (str.equals("SHA224withECDSA")) {
            return ECDSA_SHA224;
        }
        if (str.equals("SHA256withECDSA")) {
            return ECDSA_SHA256;
        }
        if (str.equals("SM2")) {
            return SW_SM2;
        }
        if (str.equals(Mechanism.SM2_RAW)) {
            return SW_SM2_RAW;
        }
        if (str.equals("SM3withSM2Encryption")) {
            return SW_SM3_SM2;
        }
        if (str.equals(Mechanism.SM3)) {
            return SW_SM3;
        }
        if (str.equals("AES")) {
            return AES_KEY_GEN;
        }
        if (str.equals(Mechanism.SF33_CBC)) {
            return CKM_SF33_CBC;
        }
        if (str.equals(Mechanism.AES_ECB)) {
            return CKM_AES_ECB;
        }
        if (str.equals(Mechanism.AES_CBC)) {
            return CKM_AES_CBC;
        }
        if (str.equals("SM4")) {
            return SW_SM4_KEY_GEN;
        }
        if (str.equals(Mechanism.SM4_ECB)) {
            return SW_SM4_ECB;
        }
        if (str.equals(Mechanism.SM4_CBC)) {
            return SW_SM4_CBC;
        }
        if (str.equals(Mechanism.SM4_CTR)) {
            return CKM_SM4_CTR;
        }
        if (str.equals(Mechanism.SM4_XTS)) {
            return CKM_SM4_XTS;
        }
        if (str.equals(Mechanism.AES_CTR)) {
            return CKM_AES_CTR;
        }
        if (str.equals(Mechanism.AES_XTS)) {
            return CKM_AES_XTS;
        }
        if (str.equals(Mechanism.SECP256_k1_RAW) || str.equals(Mechanism.SECP256_k1_DER)) {
            return SIGN_WITH_ECDSA_256K1;
        }
        if (str.equals(Mechanism.SECP256_r1_RAW) || str.equals(Mechanism.SECP256_r1_DER)) {
            return SIGN_WITH_ECDSA_256R1;
        }
        if (str.equals(Mechanism.SECP384_r1_RAW) || str.equals(Mechanism.SECP384_r1_DER)) {
            return SIGN_WITH_ECDSA_384R1;
        }
        if (str.equals(Mechanism.SECP256_k1)) {
            return ECDSA_256K1;
        }
        if (str.equals(Mechanism.SECP256_r1)) {
            return ECDSA_256R1;
        }
        if (str.equals(Mechanism.SECP384_r1)) {
            return ECDSA_384R1;
        }
        if (str.equals("ED25519")) {
            return CKM_ED25519_SIGN;
        }
        throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.NOT_SUP_DES);
    }

    private native byte[] SignFinal(long j, byte[] bArr);

    private native byte[] SignInit(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native int SignUpdate(long j, byte[] bArr, byte[] bArr2);

    private native int VerifyFinal(long j, byte[] bArr, byte[] bArr2);

    private native byte[] VerifyInit(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native int VerifyUpdate(long j, byte[] bArr, byte[] bArr2);

    private native byte[] decrypt(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private native byte[] decryptFinal(long j, byte[] bArr);

    private native byte[] decryptInit(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] decryptUpdate(long j, byte[] bArr, byte[] bArr2);

    private native byte[] destroyCert(byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] destroyCerts(byte[] bArr, byte[] bArr2);

    private native byte[] digest(long j, byte[] bArr, byte[] bArr2);

    private String encMech2KeyType(Mechanism mechanism) {
        if (mechanism == null) {
            return null;
        }
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.equals(Mechanism.SF33_ECB) || mechanismType.equals(Mechanism.SF33_CBC)) {
            return "SF33";
        }
        if (mechanismType.equals(Mechanism.DES_ECB) || mechanismType.equals(Mechanism.DES_CBC)) {
            return "DES";
        }
        if (mechanismType.equals(Mechanism.DES3_ECB) || mechanismType.equals(Mechanism.DES3_CBC)) {
            return "DESede";
        }
        if (mechanismType.equals(Mechanism.AES_ECB) || mechanismType.equals(Mechanism.AES_CBC)) {
            return "AES";
        }
        if (mechanismType.equals("SCB2_ECB") || mechanismType.equals("SCB2_CBC")) {
            return "SCB2";
        }
        if (mechanismType.equals(Mechanism.SM4_ECB) || mechanismType.equals(Mechanism.SM4_CBC)) {
            return "SM4";
        }
        return null;
    }

    private Mechanism encMech2genMech(Mechanism mechanism) {
        if (mechanism == null) {
            return null;
        }
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.equals(Mechanism.SF33_ECB) || mechanismType.equals(Mechanism.SF33_CBC)) {
            return new Mechanism("SF33");
        }
        if (mechanismType.equals(Mechanism.DES_ECB) || mechanismType.equals(Mechanism.DES_CBC)) {
            return new Mechanism("DES");
        }
        if (mechanismType.equals(Mechanism.DES3_ECB) || mechanismType.equals(Mechanism.DES3_CBC)) {
            return new Mechanism("DESede");
        }
        if (mechanismType.equals(Mechanism.AES_ECB) || mechanismType.equals(Mechanism.AES_CBC)) {
            return new Mechanism("AES");
        }
        if (mechanismType.equals("SCB2_ECB") || mechanismType.equals("SCB2_CBC")) {
            return new Mechanism("SCB2");
        }
        if (mechanismType.equals(Mechanism.RSA_PKCS)) {
            return new Mechanism("RSA");
        }
        if (mechanismType.equals(Mechanism.SM2_RAW)) {
            return new Mechanism("SM2");
        }
        if (mechanismType.equals(Mechanism.SM4_ECB) || mechanismType.equals(Mechanism.SM4_CBC)) {
            return new Mechanism("SM4");
        }
        return null;
    }

    private native byte[] encrypt(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private native byte[] encryptFinal(long j, byte[] bArr);

    private native byte[] encryptInit(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] encryptUpdate(long j, byte[] bArr, byte[] bArr2);

    private static String errorDesc(String str) {
        String str2 = new String();
        int i = 0;
        while (true) {
            if (i >= hardException.length) {
                break;
            }
            if (hardException[i][0].equals(str)) {
                str2 = hardException[i][1];
                break;
            }
            i++;
        }
        return str2 == null ? "System internal error!!!" : str2;
    }

    private native byte[] findKeyPair(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] generateKey(long j, int i, byte[] bArr);

    private native byte[] generateKeyPair(long j, int i, byte[] bArr);

    private native byte[] generateKeyPairEx(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private native byte[] generateRandom(int i, byte[] bArr);

    private native byte[] getCert(byte[] bArr, byte[] bArr2);

    private native byte[] getMRTDVision(byte[] bArr, byte[] bArr2);

    private byte[] getPaddingData(Mechanism mechanism, byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.equals(Mechanism.RSA_PKCS) || mechanismType.equals(Mechanism.SM2_RAW) || mechanismType.equals("RC4")) {
            return bArr;
        }
        int i = 8;
        if (mechanismType.equals(Mechanism.SF33_ECB) || mechanismType.equals(Mechanism.SF33_CBC) || mechanismType.equals("SCB2_ECB") || mechanismType.equals("SCB2_CBC") || mechanismType.equals(Mechanism.AES_ECB) || mechanismType.equals(Mechanism.AES_CBC) || mechanismType.equals(Mechanism.SM4_ECB) || mechanismType.equals(Mechanism.SM4_CBC) || mechanismType.equals(Mechanism.AES_CTR) || mechanismType.equals(Mechanism.AES_XTS) || mechanismType.equals(Mechanism.SM4_CTR) || mechanismType.equals(Mechanism.SM4_XTS)) {
            i = bArr.length % 16 == 0 ? 16 : 16 - (bArr.length % 16);
        } else if (bArr.length % 8 != 0) {
            i = 8 - (bArr.length % 8);
        }
        byte[] bArr2 = new byte[bArr.length + i];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        for (int i2 = 0; i2 < i; i2++) {
            bArr2[bArr.length + i2] = (byte) i;
        }
        return bArr2;
    }

    private byte[] getSM2EnvedKey(Mechanism mechanism, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        DERObjectIdentifier dERObjectIdentifier;
        if (mechanism.getMechanismType().equals(Mechanism.SM4_ECB)) {
            dERObjectIdentifier = PKCSObjectIdentifiers.gm_SM4;
        } else if (mechanism.getMechanismType().equals("SCB2_ECB")) {
            dERObjectIdentifier = PKCSObjectIdentifiers.gm_SM1;
        } else if (mechanism.getMechanismType().equals(Mechanism.SF33_ECB)) {
            dERObjectIdentifier = PKCSObjectIdentifiers.gm_SSF33;
        } else {
            if (!mechanism.getMechanismType().equals(Mechanism.SM4_ECB)) {
                throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanism.getMechanismType());
            }
            dERObjectIdentifier = PKCSObjectIdentifiers.gm_SM4;
        }
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier, new DERNull());
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
            DERBitString dERBitString = new DERBitString(bArr3);
            DERBitString dERBitString2 = new DERBitString(bArr2);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(algorithmIdentifier);
            aSN1EncodableVector.add(aSN1Sequence);
            aSN1EncodableVector.add(dERBitString2);
            aSN1EncodableVector.add(dERBitString);
            return Parser.writeDERObj2Bytes(new BERSequence(aSN1EncodableVector));
        } catch (IOException unused) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES);
        }
    }

    private native byte[] getVersion();

    private native byte[] importCert(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private boolean isDataEnough(Mechanism mechanism, byte[] bArr) {
        if (bArr == null) {
            return false;
        }
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.equals(Mechanism.RSA_PKCS) || mechanismType.equals(Mechanism.SM2_RAW) || mechanismType.equals("RC4")) {
            return true;
        }
        return (mechanismType.equals(Mechanism.SF33_ECB) || mechanismType.equals(Mechanism.SF33_CBC) || mechanismType.equals("SCB2_ECB") || mechanismType.equals("SCB2_CBC") || mechanismType.equals(Mechanism.AES_ECB) || mechanismType.equals(Mechanism.AES_CBC) || mechanismType.equals(Mechanism.SM4_ECB) || mechanismType.equals(Mechanism.SM4_CBC)) ? bArr.length % 16 == 0 : bArr.length % 8 == 0;
    }

    private boolean isEqualArray(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    private native byte[] masterDecrypt(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private native byte[] masterEncrypt(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private native int p11Finalize(byte[] bArr);

    private native int p11Initialize(byte[] bArr, byte[] bArr2, int i);

    private byte[] paddingDrop(Mechanism mechanism, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (mechanismType.equals(Mechanism.RSA_PKCS) || mechanismType.equals(Mechanism.SM2_RAW) || mechanismType.equals("RC4")) {
            return bArr;
        }
        int i = bArr[bArr.length - 1];
        if (i < 1 || i > bArr.length) {
            throw new PKIException("drop padding error...");
        }
        byte[] bArr2 = new byte[bArr.length - i];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length - i);
        return bArr2;
    }

    private native byte[] sign(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3);

    private native byte[] updateKeyPair(long j, byte[] bArr, byte[] bArr2, int i, byte[] bArr3, byte[] bArr4, byte[] bArr5, byte[] bArr6);

    private native byte[] updateKeyPair(byte[] bArr, byte[] bArr2, long j, long j2, byte[] bArr3, byte[] bArr4, byte[] bArr5);

    private native byte[] verifySign(long j, int i, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

    private native byte[] wrapKeyEnc(byte[] bArr, byte[] bArr2, long j, long j2, byte[] bArr3, byte[] bArr4, byte[] bArr5);

    private void writeFile(byte[] bArr, String str) {
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        fileOutputStream.write(bArr);
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean DestroyKeyPair(Mechanism mechanism) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("RSA")) {
            throw new PKIException("8111", "An asymmetric key pair failed This operation does not support this type of mechanism " + mechanismType);
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        int keyNum = mechanism.getParam() != null ? ((GenKeyAttribute) mechanism.getParam()).getKeyNum() : 0;
        int parseInt = Integer.parseInt(this.CfgTag.getNoExportRSAKeyType());
        byte[] bytes = (String.valueOf(this.CfgTag.getNoExportRSAPubKeyValue()) + String.valueOf(keyNum)).getBytes();
        StringBuilder sb = new StringBuilder(String.valueOf(this.CfgTag.getNoExportRSAPriKeyValue()));
        sb.append(String.valueOf(keyNum));
        return DestroyKeyPair(JavaToJNIMechanismType, parseInt, bytes, sb.toString().getBytes(), this.tag.getBytes()) == 0;
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] DigestFinal(JHandle jHandle) {
        long hardLibHandle = jHandle.getHardLibHandle();
        if (hardLibHandle < 1) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, "invalid handle");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(DigestFinal(hardLibHandle, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DigestData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception unused) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JHandle DigestInit(Mechanism mechanism) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.MD2) && !mechanismType.equals("MD5") && !mechanismType.equals(Mechanism.SM3) && !mechanismType.equals("SHA1") && !mechanismType.equals(Mechanism.SHA224) && !mechanismType.equals("SHA256") && !mechanismType.equals(Mechanism.SHA384) && !mechanismType.equals("SHA512")) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, "Digest operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(DigestInit(JavaToJNIMechanismType(mechanismType), null, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            long parseLong = Long.parseLong(property);
            JHandle jHandle = new JHandle();
            jHandle.setHardLibHandle(parseLong);
            return jHandle;
        } catch (Exception e) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public void DigestUpdate(JHandle jHandle, byte[] bArr) {
        long hardLibHandle = jHandle.getHardLibHandle();
        if (hardLibHandle < 1) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, "invalid handle");
        }
        try {
            int DigestUpdate = DigestUpdate(hardLibHandle, bArr, this.tag.getBytes());
            if (DigestUpdate == 0) {
                return;
            }
            String valueOf = String.valueOf(DigestUpdate);
            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
        } catch (Exception e) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, e);
        }
    }

    public void Finalize() {
        int p11Finalize = p11Finalize(this.tag.getBytes());
        if (p11Finalize != 0) {
            throw new PKIException("8110", PKIException.SYM_KEY_DES, (Exception) new PKIException(Integer.toString(p11Finalize), errorDesc(Integer.toString(p11Finalize))));
        }
    }

    public void Initialize() {
        Initialize("PKITOOL");
    }

    public void Initialize(String str) {
        this.tag = str;
        if (this.CfgTag == null) {
            this.CfgTag = new PKIToolConfig();
            this.CfgTag.LoadOpt(str);
        }
        int p11Initialize = p11Initialize(new String(this.CfgTag.getP11File()).getBytes(), this.tag.getBytes(), this.CfgTag.getSlot() != null ? Integer.valueOf(this.CfgTag.getSlot()).intValue() : 0);
        if (p11Initialize != 0) {
            throw new PKIException("8110", PKIException.SYM_KEY_DES, (Exception) new PKIException(Integer.toString(p11Initialize), errorDesc(Integer.toString(p11Initialize))));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] SignFinal(JHandle jHandle) {
        return SignFinal(jHandle, 0);
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] SignFinal(JHandle jHandle, int i) {
        if (jHandle.getMech() != null && (jHandle.getMech().equals(Mechanisms.SECP256_k1_DER) || jHandle.getMech().equals(Mechanisms.SECP256_k1_RAW) || jHandle.getMech().equals(Mechanisms.SECP256_r1_DER) || jHandle.getMech().equals(Mechanisms.SECP256_r1_RAW) || jHandle.getMech().equals(Mechanisms.SECP384_r1_DER) || jHandle.getMech().equals(Mechanisms.SECP384_r1_RAW))) {
            MessageDigest dig = jHandle.getDig();
            if (dig == null) {
                throw new PKIException("8195", "signature operation failed, MessageDigest is null");
            }
            return sign(jHandle.getMech(), jHandle.getKey(), dig.digest());
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(SignFinal(jHandle.getHardLibHandle(), this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SignData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception unused) {
            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JHandle SignInit(Mechanism mechanism, JKey jKey) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("MD5withRSAEncryption") && !mechanismType.equals("SHA1withRSAEncryption") && !mechanismType.equals("SHA1withECDSA") && !mechanismType.equals("SHA224withECDSA") && !mechanismType.equals("SHA256withECDSA") && !mechanismType.equals("SHA384withECDSA") && !mechanismType.equals("SHA512withECDSA") && !mechanismType.equals("SHA1withDSA") && !mechanismType.equals(Mechanism.SHA224_DSA) && !mechanismType.equals(Mechanism.SHA256_DSA) && !mechanismType.equals("SM3withSM2Encryption") && !mechanismType.equals("SHA224withRSAEncryption") && !mechanismType.equals("SHA256withRSAEncryption") && !mechanismType.equals("SHA384withRSAEncryption") && !mechanismType.equals("SHA512withRSAEncryption") && !mechanismType.equals(Mechanism.SECP384_r1_RAW) && !mechanismType.equals(Mechanism.SECP384_r1_DER) && !mechanismType.equals(Mechanism.SECP256_r1_RAW) && !mechanismType.equals(Mechanism.SECP256_r1_DER) && !mechanismType.equals(Mechanism.SECP256_k1_RAW) && !mechanismType.equals(Mechanism.SECP256_k1_DER)) {
            throw new PKIException("8195", "signature operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        JHandle jHandle = new JHandle();
        try {
            if (this.CfgTag.isSecpReplaceECDSA()) {
                if ("SHA1withECDSA".equals(mechanismType)) {
                    jHandle.setMech(new Mechanism(ECDSAParser.getECDSAPriKeyType(jKey)).setSignType(null));
                    jHandle.setDig(MessageDigest.getInstance("SHA1"));
                    jHandle.setKey(jKey);
                    return jHandle;
                }
                if ("SHA224withECDSA".equals(mechanismType)) {
                    jHandle.setMech(new Mechanism(ECDSAParser.getECDSAPriKeyType(jKey)).setSignType(null));
                    jHandle.setDig(MessageDigest.getInstance(Mechanism.SHA224));
                    jHandle.setKey(jKey);
                    return jHandle;
                }
                if ("SHA256withECDSA".equals(mechanismType)) {
                    jHandle.setMech(new Mechanism(ECDSAParser.getECDSAPriKeyType(jKey)).setSignType(null));
                    jHandle.setDig(MessageDigest.getInstance("SHA256"));
                    jHandle.setKey(jKey);
                    return jHandle;
                }
                if ("SHA384withECDSA".equals(mechanismType)) {
                    jHandle.setMech(new Mechanism(ECDSAParser.getECDSAPriKeyType(jKey)).setSignType(null));
                    jHandle.setDig(MessageDigest.getInstance(Mechanism.SHA384));
                    jHandle.setKey(jKey);
                    return jHandle;
                }
                if ("SHA512withECDSA".equals(mechanismType)) {
                    jHandle.setMech(new Mechanism(ECDSAParser.getECDSAPriKeyType(jKey)).setSignType(null));
                    jHandle.setDig(MessageDigest.getInstance("SHA512"));
                    jHandle.setKey(jKey);
                    return jHandle;
                }
            } else if (mechanismType.equals(Mechanism.SECP384_r1_RAW) || mechanismType.equals(Mechanism.SECP384_r1_DER) || mechanismType.equals(Mechanism.SECP256_r1_RAW) || mechanismType.equals(Mechanism.SECP256_r1_DER) || mechanismType.equals(Mechanism.SECP256_k1_RAW) || mechanismType.equals(Mechanism.SECP256_k1_DER)) {
                jHandle.setMech(new Mechanism(mechanismType).setSignType(null));
                jHandle.setDig(MessageDigest.getInstance(mechanism.getSignType()));
                jHandle.setKey(jKey);
                return jHandle;
            }
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(SignInit(JavaToJNIMechanismType(mechanismType), JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey() != null ? Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()) : Long.toString(jKey.getKeyID()).getBytes(), null, this.tag.getBytes()));
            Properties properties = new Properties();
            try {
                properties.load(byteArrayInputStream);
                String property = properties.getProperty("SessInfo");
                String property2 = properties.getProperty("Error");
                if (!property2.equals("0") || property == null) {
                    throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(property2, errorDesc(property2)));
                }
                jHandle.setHardLibHandle(Long.parseLong(property));
                return jHandle;
            } catch (Exception unused) {
                throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
            }
        } catch (NoSuchAlgorithmException e) {
            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public void SignUpdate(JHandle jHandle, byte[] bArr) {
        if (jHandle.getMech() != null && (jHandle.getMech().equals(Mechanisms.SECP256_k1_DER) || jHandle.getMech().equals(Mechanisms.SECP256_k1_RAW) || jHandle.getMech().equals(Mechanisms.SECP256_r1_DER) || jHandle.getMech().equals(Mechanisms.SECP256_r1_RAW) || jHandle.getMech().equals(Mechanisms.SECP384_r1_DER) || jHandle.getMech().equals(Mechanisms.SECP384_r1_RAW))) {
            MessageDigest dig = jHandle.getDig();
            if (dig == null) {
                throw new PKIException("8195", "signature operation failed, MessageDigest is null");
            }
            dig.update(bArr);
            return;
        }
        try {
            int SignUpdate = SignUpdate(jHandle.getHardLibHandle(), bArr, this.tag.getBytes());
            if (SignUpdate == 0) {
                return;
            }
            String valueOf = String.valueOf(SignUpdate);
            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
        } catch (Exception e) {
            throw new PKIException("8195", PKIException.SIGN_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean VerifyFinal(JHandle jHandle, byte[] bArr) {
        long hardLibHandle = jHandle.getHardLibHandle();
        if (hardLibHandle < 1) {
            throw new PKIException("8196", "invalid handle");
        }
        int VerifyFinal = VerifyFinal(hardLibHandle, bArr, this.tag.getBytes());
        if (VerifyFinal == 0) {
            return true;
        }
        if (192 == VerifyFinal) {
            return false;
        }
        String valueOf = String.valueOf(VerifyFinal);
        throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JHandle VerifyInit(Mechanism mechanism, JKey jKey) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("MD5withRSAEncryption") && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals("SHA1withRSAEncryption") && !mechanismType.equals("SHA1withECDSA") && !mechanismType.equals("SHA224withECDSA") && !mechanismType.equals("SHA256withECDSA") && !mechanismType.equals("SHA1withDSA") && !mechanismType.equals(Mechanism.SHA224_DSA) && !mechanismType.equals(Mechanism.SHA256_DSA) && !mechanismType.equals("SM3withSM2Encryption") && !mechanismType.equals("SHA224withRSAEncryption") && !mechanismType.equals("SHA256withRSAEncryption") && !mechanismType.equals("SHA384withRSAEncryption") && !mechanismType.equals("SHA512withRSAEncryption")) {
            throw new PKIException("8196", "Verify signature failed operation This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(VerifyInit(JavaToJNIMechanismType(mechanismType), JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), null, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            long parseLong = Long.parseLong(property);
            JHandle jHandle = new JHandle();
            jHandle.setHardLibHandle(parseLong);
            return jHandle;
        } catch (Exception unused) {
            throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public void VerifyUpdate(JHandle jHandle, byte[] bArr) {
        long hardLibHandle = jHandle.getHardLibHandle();
        if (hardLibHandle < 1) {
            throw new PKIException("8196", "invalid handle");
        }
        try {
            int VerifyUpdate = VerifyUpdate(hardLibHandle, bArr, this.tag.getBytes());
            if (VerifyUpdate == 0) {
                return;
            }
            String valueOf = String.valueOf(VerifyUpdate);
            throw new PKIException("8196", PKIException.SIGN_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
        } catch (Exception e) {
            throw new PKIException("8196", PKIException.SIGN_DES, e);
        }
    }

    public String Version() {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(getVersion());
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            return properties.getProperty("Version");
        } catch (Exception e) {
            throw new PKIException(PKIException.DESTROY_CERT_OBJECT, PKIException.RANDOM_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public List<byte[]> WrapKeyEnc(JKey jKey, JKey jKey2, Mechanism mechanism, Mechanism mechanism2, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        String mechanismType2 = mechanism2.getMechanismType();
        if (!mechanismType2.equals(Mechanism.SF33_ECB) && !mechanismType2.equals(Mechanism.DES_CBC) && !mechanismType2.equals(Mechanism.DES_ECB) && !mechanismType2.equals(Mechanism.DES3_ECB) && !mechanismType2.equals(Mechanism.AES_ECB) && !mechanismType2.equals(Mechanism.AES_CBC) && !mechanismType2.equals(Mechanism.DES3_CBC) && !mechanismType2.equals("SCB2_CBC") && !mechanismType2.equals("SCB2_ECB") && !mechanismType2.equals(Mechanism.SM4_CBC) && !mechanismType2.equals(Mechanism.SM4_ECB)) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanismType2);
        }
        if (!mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.SM2_RAW)) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanismType);
        }
        CBCParam cBCParam = (CBCParam) mechanism2.getParam();
        byte[] iv = cBCParam != null ? cBCParam.getIv() : null;
        byte[] paddingData = mechanism2.isPad() ? getPaddingData(mechanism2, bArr) : bArr;
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        long JavaToJNIMechanismType2 = JavaToJNIMechanismType(mechanismType2);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(jKey2 == null ? wrapKeyEnc(Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), null, JavaToJNIMechanismType, JavaToJNIMechanismType2, paddingData, iv, this.tag.getBytes()) : wrapKeyEnc(Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), jKey2.getKey(), JavaToJNIMechanismType, JavaToJNIMechanismType2, paddingData, iv, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("EncData");
            String property2 = properties.getProperty("Error");
            String property3 = properties.getProperty("WrapedSysKey");
            ArrayList arrayList = new ArrayList();
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            arrayList.add(Hex.decode(property));
            arrayList.add(Hex.decode(property3));
            return arrayList;
        } catch (Exception unused) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] WrapPriKey(JKey jKey, JKey jKey2, Mechanism mechanism, Mechanism mechanism2, JKey jKey3) {
        try {
            BigInteger hardKey2SoftPrivKey = Util.hardKey2SoftPrivKey(jKey3);
            if (hardKey2SoftPrivKey == null) {
                throw new PKIException("8190hardKey2SoftPrivKey error");
            }
            byte[] byteconvert32 = Util.byteconvert32(hardKey2SoftPrivKey);
            if (byteconvert32 == null) {
                throw new PKIException("8190data convert error");
            }
            byte[] bArr = new byte[byteconvert32.length + 32];
            for (int i = 0; i < 32; i++) {
                bArr[i] = 0;
            }
            System.arraycopy(byteconvert32, 0, bArr, 32, 32);
            mechanism2.setPad(false);
            List<byte[]> WrapKeyEnc = WrapKeyEnc(jKey, jKey2, mechanism, mechanism2, bArr);
            return getSM2EnvedKey(mechanism2, WrapKeyEnc.get(1), SM2.Instance().ecc_point_g.multiply(hardKey2SoftPrivKey).getEncoded(false), WrapKeyEnc.get(0));
        } catch (Exception e) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, e.getMessage());
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] WrapPriKey(JKey jKey, JKey jKey2, Mechanism mechanism, Mechanism mechanism2, JKey jKey3, JKey jKey4) {
        try {
            BigInteger hardKey2SoftPrivKey = Util.hardKey2SoftPrivKey(jKey3);
            if (hardKey2SoftPrivKey == null) {
                throw new PKIException("8190hardKey2SoftPrivKey error");
            }
            byte[] byteconvert32 = Util.byteconvert32(hardKey2SoftPrivKey);
            if (byteconvert32 == null) {
                throw new PKIException("8190data convert error");
            }
            byte[] bArr = new byte[byteconvert32.length + 32];
            for (int i = 0; i < 32; i++) {
                bArr[i] = 0;
            }
            System.arraycopy(byteconvert32, 0, bArr, 32, 32);
            mechanism2.setPad(false);
            List<byte[]> WrapKeyEnc = WrapKeyEnc(jKey, jKey2, mechanism, mechanism2, bArr);
            return getSM2EnvedKey(mechanism2, WrapKeyEnc.get(1), Util.hardKey2SoftPubKey(jKey4), WrapKeyEnc.get(0));
        } catch (Exception e) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, e.getMessage());
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean createCertObject(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(importCert(bArr, bArr2, bArr3, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            if (property.equals("0")) {
                return true;
            }
            throw new PKIException("8198191", PKIException.CREAT_CERT_OBJECT_RES, (Exception) new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException("8198190", PKIException.DATA_LOAD_FAIL_RES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public long decrypt(Mechanism mechanism, JKey jKey, InputStream inputStream, OutputStream outputStream) {
        JHandle decryptInit = decryptInit(mechanism, jKey);
        try {
            byte[] bArr = new byte[1024];
            byte[] bArr2 = null;
            long j = 0;
            while (true) {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    break;
                }
                bArr2 = new byte[read];
                System.arraycopy(bArr, 0, bArr2, 0, read);
                if (1024 != bArr2.length) {
                    break;
                }
                byte[] decryptUpdate = decryptUpdate(decryptInit, mechanism, bArr2);
                if (decryptUpdate == null) {
                    throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES);
                }
                j += decryptUpdate.length;
                outputStream.write(decryptUpdate);
            }
            byte[] decryptFinal = decryptFinal(decryptInit, mechanism, bArr2);
            if (decryptFinal == null) {
                throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES);
            }
            long length = j + decryptFinal.length;
            outputStream.write(decryptFinal);
            return length;
        } catch (Exception e) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] decrypt(Mechanism mechanism, JKey jKey, InputStream inputStream) {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            return decrypt(mechanism, jKey, bArr);
        } catch (Exception e) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] decrypt(Mechanism mechanism, JKey jKey, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals(Mechanism.SM4_CTR) && !mechanismType.equals(Mechanism.SM4_XTS) && !mechanismType.equals(Mechanism.AES_CTR) && !mechanismType.equals(Mechanism.AES_XTS) && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        CBCParam cBCParam = (CBCParam) mechanism.getParam();
        byte[] iv = cBCParam != null ? cBCParam.getIv() : null;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream((JavaToJNIMechanismType == 1 && jKey.getKey() == null) ? decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Long.toString(jKey.getKeyID()).getBytes(), bArr, iv, this.tag.getBytes()) : (JavaToJNIMechanismType != 1 || jKey.getKey() == null) ? jKey.getKeyType().equalsIgnoreCase("MASTERKEY") ? masterDecrypt(Long.parseLong(this.CfgTag.getMasterKeyEnc()), Integer.parseInt(this.CfgTag.getMasterKeyType()), this.CfgTag.getMasterKeyValue().getBytes(), bArr, iv, this.tag.getBytes()) : (JavaToJNIMechanismType != CKM_RSA_RAW || jKey.getKey() == null) ? (JavaToJNIMechanismType == SW_SM2_RAW && jKey.getKey() == null) ? decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Long.toString(jKey.getKeyID()).getBytes(), bArr, iv, this.tag.getBytes()) : (JavaToJNIMechanismType != SW_SM2_RAW || jKey.getKey() == null) ? decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), bArr, iv, this.tag.getBytes()) : decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr, iv, this.tag.getBytes()) : decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr, iv, this.tag.getBytes()) : decrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr, iv, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DecData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            byte[] decode = Hex.decode(property);
            return mechanism.isPad() ? paddingDrop(mechanism, decode) : decode;
        } catch (Exception unused) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] decryptFinal(JHandle jHandle, Mechanism mechanism, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        byte[] bArr2 = null;
        if (bArr != null && (bArr2 = decryptUpdate(jHandle, mechanism, bArr)) == null) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptFinal(jHandle.getHardLibHandle(), this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            if (property.equals("0")) {
                return mechanism.isPad() ? paddingDrop(mechanism, bArr2) : bArr2;
            }
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JHandle decryptInit(Mechanism mechanism, JKey jKey) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        CBCParam cBCParam = (CBCParam) mechanism.getParam();
        byte[] iv = cBCParam != null ? cBCParam.getIv() : null;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream((JavaToJNIMechanismType == 1 && jKey.getKey() == null) ? decryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Long.toString(jKey.getKeyID()).getBytes(), iv, this.tag.getBytes()) : (JavaToJNIMechanismType != 1 || jKey.getKey() == null) ? (JavaToJNIMechanismType != CKM_RSA_RAW || jKey.getKey() == null) ? (JavaToJNIMechanismType != SW_SM2_RAW || jKey.getKey() == null) ? decryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), iv, this.tag.getBytes()) : decryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), iv, this.tag.getBytes()) : decryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), iv, this.tag.getBytes()) : decryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), iv, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return new JHandle(Long.parseLong(property), null);
        } catch (Exception unused) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JKey decryptPrvEnv(JKey jKey, byte[] bArr) {
        if (jKey == null || bArr == null) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failedinvalid param");
        }
        ASN1Sequence dERSequence = DERSequence.getInstance(Parser.writeBytes2DERObj(bArr));
        if (2 != dERSequence.size()) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failedinvalid param");
        }
        DEROctetString dEROctetString = (DEROctetString) DEROctetString.getInstance(dERSequence.getObjectAt(0));
        new DERSequence(dERSequence.getObjectAt(1));
        if (dEROctetString == null) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failedinvalid param");
        }
        byte[] writeDERObj2Bytes = Parser.writeDERObj2Bytes(dERSequence.getObjectAt(1));
        byte[] octets = dEROctetString.getOctets();
        byte[] decrypt = decrypt(new Mechanism(Mechanism.SM2_RAW), jKey, writeDERObj2Bytes);
        if (decrypt == null) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation faileddecrypt syskey error.");
        }
        Mechanism mechanism = new Mechanism(Mechanism.SM4_ECB);
        JKey jKey2 = new JKey("SM4", decrypt);
        byte[] bArr2 = new byte[48];
        if (48 != octets.length) {
            System.arraycopy(octets, 3, bArr2, 0, octets.length - 3);
            octets = bArr2;
        }
        byte[] decrypt2 = decrypt(mechanism, jKey2, octets);
        byte[] bArr3 = new byte[32];
        System.arraycopy(decrypt2, 4, bArr3, 0, decrypt2.length - 4);
        try {
            return Util.getPrvKey(bArr3);
        } catch (Exception e) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failedconvert key data to JKey error", e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] decryptUpdate(JHandle jHandle, Mechanism mechanism, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, "decryption operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptUpdate(jHandle.getHardLibHandle(), bArr, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DecData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception unused) {
            throw new PKIException(PKIException.CREAT_CERT_OBJECT, PKIException.DECRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean destroyCertObject(byte[] bArr, byte[] bArr2) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr == null ? destroyCerts(bArr2, this.tag.getBytes()) : destroyCert(bArr, bArr2, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            if (property.equals("0")) {
                return true;
            }
            if (property.equals(JIT_GETCERT_FAIL)) {
                return false;
            }
            throw new PKIException("8198193", PKIException.DESTROY_CERT_OBJECT_RES, (Exception) new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException("8198192", PKIException.CERT_DATA_FAIL_RES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] digest(Mechanism mechanism, InputStream inputStream) {
        int DigestUpdate;
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.MD2) && !mechanismType.equals("MD5") && !mechanismType.equals(Mechanism.SM3) && !mechanismType.equals("SHA1") && !mechanismType.equals(Mechanism.SHA224) && !mechanismType.equals("SHA256") && !mechanismType.equals(Mechanism.SHA384) && !mechanismType.equals("SHA512")) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, "Digest operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(DigestInit(JavaToJNIMechanismType(mechanismType), null, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            long parseLong = Long.parseLong(property);
            try {
                byte[] bArr = new byte[1024];
                do {
                    int read = inputStream.read(bArr);
                    if (read <= 0) {
                        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(DigestFinal(parseLong, this.tag.getBytes()));
                        Properties properties2 = new Properties();
                        try {
                            properties2.load(byteArrayInputStream2);
                            String property3 = properties2.getProperty("DigestData");
                            String property4 = properties2.getProperty("Error");
                            if (!property4.equals("0") || property3 == null) {
                                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(property4, errorDesc(property4)));
                            }
                            return Hex.decode(property3);
                        } catch (Exception unused) {
                            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
                        }
                    }
                    byte[] bArr2 = new byte[read];
                    System.arraycopy(bArr, 0, bArr2, 0, read);
                    DigestUpdate = DigestUpdate(parseLong, bArr2, this.tag.getBytes());
                } while (DigestUpdate == 0);
                String valueOf = String.valueOf(DigestUpdate);
                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
            } catch (Exception e) {
                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, e);
            }
        } catch (Exception e2) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, e2);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] digest(Mechanism mechanism, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.MD2) && !mechanismType.equals("MD5") && !mechanismType.equals(Mechanism.SM3) && !mechanismType.equals("SHA1") && !mechanismType.equals(Mechanism.SHA224) && !mechanismType.equals("SHA256") && !mechanismType.equals(Mechanism.SHA384) && !mechanismType.equals("SHA512")) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, "Digest operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(digest(JavaToJNIMechanismType(mechanismType), bArr, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("DigestData");
            if (!properties.getProperty("Error").equals("0") || property == null) {
                throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES);
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException(PKIException.CERT_DATA_FAIL, PKIException.DIGEST_DES, e);
        }
    }

    public byte[] digestSoft(Mechanism mechanism, byte[] bArr) {
        JCrypto jCrypto = JCrypto.getInstance();
        jCrypto.initialize(JCrypto.JSOFT_LIB, null);
        return jCrypto.openSession(JCrypto.JSOFT_LIB).digest(mechanism, bArr);
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public long encrypt(Mechanism mechanism, JKey jKey, InputStream inputStream, OutputStream outputStream) {
        JHandle encryptInit = encryptInit(mechanism, jKey);
        try {
            byte[] bArr = new byte[1024];
            byte[] bArr2 = null;
            int i = 0;
            while (true) {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    break;
                }
                bArr2 = new byte[read];
                System.arraycopy(bArr, 0, bArr2, 0, read);
                if (1024 != bArr2.length) {
                    break;
                }
                byte[] encryptUpdate = encryptUpdate(encryptInit, mechanism, bArr2);
                if (encryptUpdate == null) {
                    throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES);
                }
                i += encryptUpdate.length;
                outputStream.write(encryptUpdate);
                bArr2 = new byte[0];
            }
            byte[] encryptFinal = encryptFinal(encryptInit, mechanism, bArr2);
            if (encryptFinal == null) {
                throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES);
            }
            int length = i + encryptFinal.length;
            outputStream.write(encryptFinal);
            return length;
        } catch (Exception e) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] encrypt(Mechanism mechanism, JKey jKey, InputStream inputStream) {
        try {
            byte[] bArr = new byte[inputStream.available()];
            inputStream.read(bArr);
            return encrypt(mechanism, jKey, bArr);
        } catch (Exception e) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] encrypt(Mechanism mechanism, JKey jKey, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals(Mechanism.SM4_CTR) && !mechanismType.equals(Mechanism.SM4_XTS) && !mechanismType.equals(Mechanism.AES_CTR) && !mechanismType.equals(Mechanism.AES_XTS) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB")) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanismType);
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        CBCParam cBCParam = (CBCParam) mechanism.getParam();
        byte[] iv = cBCParam != null ? cBCParam.getIv() : null;
        if (mechanism.isPad()) {
            bArr = getPaddingData(mechanism, bArr);
        }
        byte[] bArr2 = bArr;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(JavaToJNIMechanismType == 1 ? jKey.getKey() == null ? encrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Long.toString(jKey.getKeyID()).getBytes(), bArr2, iv, this.tag.getBytes()) : encrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr2, iv, this.tag.getBytes()) : SW_SM2_RAW == JavaToJNIMechanismType ? jKey.getKey() == null ? encrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Long.toString(jKey.getKeyID()).getBytes(), bArr2, iv, this.tag.getBytes()) : encrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr2, iv, this.tag.getBytes()) : jKey.getKeyType().equalsIgnoreCase("MASTERKEY") ? masterEncrypt(Long.parseLong(this.CfgTag.getMasterKeyEnc()), Integer.parseInt(this.CfgTag.getMasterKeyType()), this.CfgTag.getMasterKeyValue().getBytes(), bArr2, iv, this.tag.getBytes()) : encrypt(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), bArr2, iv, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("EncData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception unused) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] encryptFinal(JHandle jHandle, Mechanism mechanism, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanismType);
        }
        if (mechanism.isPad()) {
            bArr = getPaddingData(mechanism, bArr);
        }
        byte[] bArr2 = null;
        if (bArr != null && (bArr2 = encryptUpdate(jHandle, mechanism, bArr)) == null) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encryptFinal(jHandle.getHardLibHandle(), this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            if (property.equals("0")) {
                return bArr2;
            }
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JHandle encryptInit(Mechanism mechanism, JKey jKey) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanismType);
        }
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        CBCParam cBCParam = (CBCParam) mechanism.getParam();
        byte[] iv = cBCParam != null ? cBCParam.getIv() : null;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(JavaToJNIMechanismType == 1 ? encryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), iv, this.tag.getBytes()) : JavaToJNIMechanismType == SW_SM2_RAW ? encryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), iv, this.tag.getBytes()) : encryptInit(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey(), iv, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return new JHandle(Long.parseLong(property), null);
        } catch (Exception unused) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] encryptUpdate(JHandle jHandle, Mechanism mechanism, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals(Mechanism.SF33_ECB) && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals(Mechanism.DES_ECB) && !mechanismType.equals(Mechanism.DES_CBC) && !mechanismType.equals(Mechanism.DES3_ECB) && !mechanismType.equals(Mechanism.DES3_CBC) && !mechanismType.equals(Mechanism.SM2_RAW) && !mechanismType.equals(Mechanism.SF33_CBC) && !mechanismType.equals(Mechanism.AES_CBC) && !mechanismType.equals(Mechanism.AES_ECB) && !mechanismType.equals(Mechanism.SM4_ECB) && !mechanismType.equals(Mechanism.SM4_CBC) && !mechanismType.equals("SCB2_CBC") && !mechanismType.equals("SCB2_ECB") && !mechanismType.equals(Mechanism.RAW)) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed This operation does not support this type of mechanism " + mechanismType);
        }
        if (!isDataEnough(mechanism, bArr)) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, "encryption failed source need padding enough");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encryptUpdate(jHandle.getHardLibHandle(), bArr, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("EncData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            return Hex.decode(property);
        } catch (Exception unused) {
            throw new PKIException(PKIException.DATA_LOAD_FAIL, PKIException.ENCRYPT_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JKey generateKey(Mechanism mechanism, int i) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("DES") && !mechanismType.equals("SF33") && !mechanismType.equals("DESede") && !mechanismType.equals("RC2") && !mechanismType.equals("RC4") && !mechanismType.equals("AES") && !mechanismType.equals("SM4") && !mechanismType.equals("SCB2")) {
            throw new PKIException("8110", "A symmetric key operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateKey(JavaToJNIMechanismType(mechanismType), i, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("lType");
            String property3 = properties.getProperty("pKey");
            if (property3 == null || !property.equals("0")) {
                throw new PKIException("8110", PKIException.SYM_KEY_DES, (Exception) new PKIException(property, errorDesc(property)));
            }
            return new JKey(JNIToJavaKeyType(property2), Hex.decode(property3));
        } catch (Exception unused) {
            throw new PKIException("8110", PKIException.SYM_KEY_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JKeyPair generateKeyPair(Mechanism mechanism, int i) {
        boolean z;
        byte[] findKeyPair;
        byte[] bytes;
        byte[] bytes2;
        JKey jKey;
        JKey jKey2;
        int i2 = i;
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("RSA") && !mechanismType.equals(Mechanism.ECDSA) && !mechanismType.equals("SM2") && !mechanismType.equals(Mechanism.DSA) && !mechanismType.equals(Mechanism.SECP256_k1) && !mechanismType.equals(Mechanism.SECP256_r1) && !mechanismType.equals(Mechanism.SECP384_r1) && !mechanismType.equals("ED25519")) {
            throw new PKIException("8111", "An asymmetric key pair failed This operation does not support this type of mechanism " + mechanismType);
        }
        if (this.CfgTag.isSecpReplaceECDSA() && mechanismType.equals(Mechanism.ECDSA)) {
            mechanismType = i2 == 256 ? Mechanism.SECP256_r1 : i2 == 384 ? Mechanism.SECP384_r1 : Mechanism.SECP256_k1;
        }
        String str = mechanismType;
        long JavaToJNIMechanismType = JavaToJNIMechanismType(str);
        if (JavaToJNIMechanismType == CKM_ED25519_SIGN) {
            JavaToJNIMechanismType = 20480;
        }
        int i3 = 0;
        if (mechanism.getParam() != null) {
            GenKeyAttribute genKeyAttribute = (GenKeyAttribute) mechanism.getParam();
            z = genKeyAttribute.getIsExport();
            i3 = genKeyAttribute.getKeyNum();
        } else {
            z = true;
        }
        if (z) {
            if (i2 == 0) {
                i2 = 1024;
            }
            findKeyPair = generateKeyPair(JavaToJNIMechanismType, i2, this.tag.getBytes());
        } else if (str.equals("RSA")) {
            findKeyPair = findKeyPair(JavaToJNIMechanismType, Integer.parseInt(this.CfgTag.getNoExportRSAKeyType()), (String.valueOf(this.CfgTag.getNoExportRSAPubKeyValue()) + String.valueOf(i3)).getBytes(), (String.valueOf(this.CfgTag.getNoExportRSAPriKeyValue()) + String.valueOf(i3)).getBytes(), this.tag.getBytes());
        } else if (str.equals(Mechanism.ECDSA) || str.equals(Mechanism.SECP256_k1) || str.equals(Mechanism.SECP256_r1) || str.equals(Mechanism.SECP384_r1) || str.equals("ED25519")) {
            findKeyPair = findKeyPair(JavaToJNIMechanismType, Integer.parseInt(this.CfgTag.getNoExportECCKeyType()), (String.valueOf(this.CfgTag.getNoExportECDSAPubKeyValue()) + String.valueOf(i3)).getBytes(), (String.valueOf(this.CfgTag.getNoExportECDSAPriKeyValue()) + String.valueOf(i3)).getBytes(), this.tag.getBytes());
        } else if (str.equals("SM2")) {
            int isSign = ((GenKeyAttribute) mechanism.getParam()).getIsSign();
            int parseInt = Integer.parseInt(this.CfgTag.getNoExportSM2KeyType());
            if (isSign == 1) {
                bytes = (String.valueOf(this.CfgTag.getNoExportSM2PubKeyValue()) + String.valueOf(i3)).getBytes();
                bytes2 = (String.valueOf(this.CfgTag.getNoExportSM2PriKeyValue()) + String.valueOf(i3)).getBytes();
            } else {
                bytes = (String.valueOf(this.CfgTag.getNoExportSM2EncPubKeyValue()) + String.valueOf(i3)).getBytes();
                bytes2 = (String.valueOf(this.CfgTag.getNoExportSM2EncPriKeyValue()) + String.valueOf(i3)).getBytes();
            }
            findKeyPair = findKeyPair(JavaToJNIMechanismType, parseInt, bytes, bytes2, this.tag.getBytes());
        } else if (str.equals(Mechanism.DSA)) {
            findKeyPair = findKeyPair(JavaToJNIMechanismType, Integer.parseInt(this.CfgTag.getNoExportDSAKeyType()), (String.valueOf(this.CfgTag.getNoExportDSAPubKeyValue()) + String.valueOf(i3)).getBytes(), (String.valueOf(this.CfgTag.getNoExportDSAPriKeyValue()) + String.valueOf(i3)).getBytes(), this.tag.getBytes());
        } else {
            findKeyPair = null;
        }
        if (str.equals("RSA")) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(findKeyPair);
            Properties properties = new Properties();
            try {
                properties.load(byteArrayInputStream);
                String property = properties.getProperty("Error");
                String property2 = properties.getProperty("pubType");
                String property3 = properties.getProperty("pubKeyID");
                String property4 = properties.getProperty("Pub_Modulus");
                String property5 = properties.getProperty("Pub_Exponent");
                if ((property3 == null && property4 == null && property5 == null) || !property.equals("0")) {
                    throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(property, errorDesc(property)));
                }
                String property6 = properties.getProperty("priType");
                String property7 = properties.getProperty("priKeyID");
                String property8 = properties.getProperty("Modulus");
                String property9 = properties.getProperty("PrivateExponent");
                String property10 = properties.getProperty("PublicExponent");
                String property11 = properties.getProperty("Prime1");
                String property12 = properties.getProperty("Prime2");
                String property13 = properties.getProperty("Exponent1");
                String property14 = properties.getProperty("Exponent2");
                String property15 = properties.getProperty("Coefficient");
                if (property7 == null && property8 == null && property9 == null && property10 == null && property11 == null && property12 == null && property13 == null && property14 == null && property15 == null) {
                    throw new PKIException("8111", PKIException.KEY_PAIR_DES);
                }
                if (str.equals("RSA")) {
                    JKey jKey3 = property3 == null ? new JKey(JNIToJavaKeyType(property2), Parser.customData2SoftPublicKey(JNIToJavaKeyType(property2), Hex.decode(property4), Hex.decode(property5))) : new JKey(JNIToJavaKeyType(property2), Long.parseLong(property3));
                    jKey2 = property7 == null ? new JKey(JNIToJavaKeyType(property6), Parser.customData2SoftPrivateKey(JNIToJavaKeyType(property6), Hex.decode(property8), Hex.decode(property9), Hex.decode(property10), Hex.decode(property11), Hex.decode(property12), Hex.decode(property13), Hex.decode(property14), Hex.decode(property15))) : new JKey(JNIToJavaKeyType(property6), Long.parseLong(property7));
                    jKey = jKey3;
                }
                jKey2 = null;
                jKey = null;
            } catch (Exception unused) {
                throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
            }
        } else if (str.equals(Mechanism.ECDSA) || str.equals(Mechanism.SECP256_k1) || str.equals(Mechanism.SECP256_r1) || str.equals(Mechanism.SECP384_r1) || str.equals("SM2") || str.equals("ED25519")) {
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(findKeyPair);
            Properties properties2 = new Properties();
            try {
                properties2.load(byteArrayInputStream2);
                String property16 = properties2.getProperty("Error");
                String property17 = properties2.getProperty("pubType");
                String property18 = properties2.getProperty("pubKeyID");
                String property19 = properties2.getProperty("Pub_ecPoint");
                if ((property18 == null && property19 == null) || !property16.equals("0")) {
                    throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(property16, errorDesc(property16)));
                }
                String property20 = properties2.getProperty("priType");
                String property21 = properties2.getProperty("PriKeyID");
                String property22 = properties2.getProperty("pri_ecValue");
                if (property21 == null && property22 == null) {
                    throw new PKIException("8111", PKIException.KEY_PAIR_DES);
                }
                if (str.equals("ED25519") || str.equals(Mechanism.ECDSA) || str.equals(Mechanism.SECP256_k1) || str.equals(Mechanism.SECP256_r1) || str.equals(Mechanism.SECP384_r1) || str.equals("SM2")) {
                    jKey = property18 == null ? new JKey(JNIToJavaKeyType(property17), ECDSAParser.customData2SoftPublicKeybyKeyType(Hex.decode(property19), str)) : new JKey(JNIToJavaKeyType(property17), Long.parseLong(property18));
                    if (property21 == null) {
                        jKey2 = str.equals("SM2") ? new JKey(JNIToJavaKeyType(property20), ECDSAParser.customData2SoftECPrivKey(Hex.decode(property19), Hex.decode(property22))) : str.equals("ED25519") ? new JKey(JNIToJavaKeyType(property20), EDDSAParser.createED25519PriKey(Hex.decode(property22), Hex.decode(property19))) : new JKey(JNIToJavaKeyType(property20), ECDSAParser.customData2SoftSECPPrivateKeybyKeyType(new BigInteger(1, Hex.decode(property22)), str));
                    } else {
                        JKey jKey4 = new JKey(JNIToJavaKeyType(property20), Long.parseLong(property21));
                        jKey4.setEcdsaType(str);
                        jKey2 = jKey4;
                    }
                }
                jKey2 = null;
                jKey = null;
            } catch (Exception unused2) {
                throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
            }
        } else {
            if (str.equals(Mechanism.DSA)) {
                ByteArrayInputStream byteArrayInputStream3 = new ByteArrayInputStream(findKeyPair);
                Properties properties3 = new Properties();
                try {
                    properties3.load(byteArrayInputStream3);
                    String property23 = properties3.getProperty("Error");
                    String property24 = properties3.getProperty("pubType");
                    String property25 = properties3.getProperty("pubKeyID");
                    String property26 = properties3.getProperty("DSA_P");
                    String property27 = properties3.getProperty("DSA_Q");
                    String property28 = properties3.getProperty("DSA_G");
                    String property29 = properties3.getProperty("Pub_ecPoint");
                    if ((property25 == null && property29 == null) || !property23.equals("0")) {
                        throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(property23, errorDesc(property23)));
                    }
                    String property30 = properties3.getProperty("priType");
                    String property31 = properties3.getProperty("PriKeyID");
                    String property32 = properties3.getProperty("pri_ecValue");
                    if (property31 == null && property32 == null) {
                        throw new PKIException("8111", PKIException.KEY_PAIR_DES);
                    }
                    if (str.equals(Mechanism.DSA)) {
                        JKey jKey5 = property25 == null ? new JKey(JNIToJavaKeyType(property24), Parser.customData2SoftPublicKey(JNIToJavaKeyType(property24), Hex.decode(property26), Hex.decode(property27), Hex.decode(property28), Hex.decode(property29))) : null;
                        if (property31 != null) {
                            jKey2 = new JKey(JNIToJavaKeyType(property30), Long.parseLong(property31));
                            jKey = jKey5;
                        } else {
                            jKey = jKey5;
                            jKey2 = null;
                        }
                    }
                } catch (Exception unused3) {
                    throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
                }
            }
            jKey2 = null;
            jKey = null;
        }
        return new JKeyPair(jKey, jKey2);
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public EnvkeyParam generateKeyPair_ex(JKey jKey, Mechanism mechanism, int i, String str, String str2) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("SM2")) {
            throw new PKIException("8111", "An asymmetric key pair failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateKeyPairEx(JavaToJNIMechanismType(mechanismType), i, str.getBytes(), str2.getBytes(), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("pubType");
            String property3 = properties.getProperty("pubKeyID");
            String property4 = properties.getProperty("Pub_ecPoint");
            if ((property3 == null && property4 == null) || !property.equals("0")) {
                throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(property, errorDesc(property)));
            }
            String property5 = properties.getProperty("PriKeyID");
            String property6 = properties.getProperty("pri_ecValue");
            if (property5 == null && property6 == null) {
                throw new PKIException("8111", PKIException.KEY_PAIR_DES);
            }
            String property7 = properties.getProperty("pKey");
            if (property7 == null || !property.equals("0")) {
                throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(property, errorDesc(property)));
            }
            EnvkeyParam envkeyParam = new EnvkeyParam();
            envkeyParam.setPubKey(new JKey(JNIToJavaKeyType(property2), ECDSAParser.customData2SoftPublicKey(Hex.decode(property4), null)));
            envkeyParam.setEncedSysKey(Hex.decode(property7));
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new DEROctetString(Hex.decode(property6)));
            aSN1EncodableVector.add(Parser.writeBytes2DERObj(Hex.decode(property7)));
            envkeyParam.setEnvData(Parser.writeDERObj2Bytes(new BERSequence(aSN1EncodableVector)));
            return envkeyParam;
        } catch (Exception unused) {
            throw new PKIException("8111", PKIException.KEY_PAIR_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public JKey generatePBEKey(Mechanism mechanism, char[] cArr) {
        throw new UnsupportedOperationException("Method generatePBEKey() not yet implemented.");
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] generateRandom(Mechanism mechanism, int i) {
        if (!mechanism.getMechanismType().equals(Mechanism.RANDOM)) {
            throw new PKIException("8113", "Failed to generate random number This operation does not support this type of mechanism Random");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateRandom(i, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("RandomData");
            if (!properties.getProperty("Error").equals("0") || property == null) {
                throw new PKIException(PKIException.DESTROY_CERT_OBJECT, PKIException.RANDOM_DES);
            }
            return Hex.decode(property);
        } catch (Exception e) {
            throw new PKIException(PKIException.DESTROY_CERT_OBJECT, PKIException.RANDOM_DES, e);
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] getCertObject(byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(getCert(bArr, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("certObject");
            if (!property.equals("0") || property2 == null) {
                throw new PKIException("8198194", PKIException.GET_CERT_OBJECT_RES, (Exception) new PKIException(property, errorDesc(property)));
            }
            return Hex.decode(property2);
        } catch (Exception unused) {
            throw new PKIException("8198194", PKIException.GET_CERT_OBJECT_RES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public PKIToolConfig getCfgTag() {
        return this.CfgTag;
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public String getCfgTagName() {
        return this.tag;
    }

    public byte[] getMrtdVision(byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(getMRTDVision(bArr, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("Mrtd_version");
            if (property.equals("0")) {
                return Hex.decode(property2);
            }
            throw new PKIException(PKIException.JHARDLIB, new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL));
        }
    }

    public String getSessVersion() {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(getMRTDVision(null, null));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            String property2 = properties.getProperty("version");
            if (property.equals("0")) {
                return property2;
            }
            throw new PKIException(PKIException.JHARDLIB, new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] mac(Mechanism mechanism, JKey jKey, InputStream inputStream) {
        throw new PKIException(PKIException.DESTROY_CERT_OBJECT, "MAC operation failed mac() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] mac(Mechanism mechanism, JKey jKey, byte[] bArr) {
        throw new UnsupportedOperationException("Method mac() not yet implemented.");
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public void setCfgTag(PKIToolConfig pKIToolConfig) {
        this.CfgTag = pKIToolConfig;
        this.tag = pKIToolConfig.getTagName();
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] sign(Mechanism mechanism, JKey jKey, InputStream inputStream) {
        int SignUpdate;
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("MD5withRSAEncryption") && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals("SHA1withRSAEncryption") && !mechanismType.equals("SHA1withECDSA") && !mechanismType.equals("SHA224withECDSA") && !mechanismType.equals("SHA256withECDSA") && !mechanismType.equals("SHA1withDSA") && !mechanismType.equals(Mechanism.SHA224_DSA) && !mechanismType.equals(Mechanism.SHA256_DSA) && !mechanismType.equals("SM3withSM2Encryption") && !mechanismType.equals("SHA224withRSAEncryption") && !mechanismType.equals("SHA256withRSAEncryption") && !mechanismType.equals("SHA384withRSAEncryption") && !mechanismType.equals("SHA512withRSAEncryption")) {
            throw new PKIException("8195", "signature operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(SignInit(JavaToJNIMechanismType(mechanismType), JavaToJNIKeyType(jKey.getKeyType()), jKey.getKey() != null ? Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()) : Long.toString(jKey.getKeyID()).getBytes(), null, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            long parseLong = Long.parseLong(property);
            try {
                byte[] bArr = new byte[1024];
                do {
                    int read = inputStream.read(bArr);
                    if (read <= 0) {
                        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(SignFinal(parseLong, this.tag.getBytes()));
                        Properties properties2 = new Properties();
                        try {
                            properties2.load(byteArrayInputStream2);
                            String property3 = properties2.getProperty("SignData");
                            String property4 = properties2.getProperty("Error");
                            if (!property4.equals("0") || property3 == null) {
                                throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(property4, errorDesc(property4)));
                            }
                            return Hex.decode(property3);
                        } catch (Exception unused) {
                            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
                        }
                    }
                    byte[] bArr2 = new byte[read];
                    System.arraycopy(bArr, 0, bArr2, 0, read);
                    SignUpdate = SignUpdate(parseLong, bArr2, this.tag.getBytes());
                } while (SignUpdate == 0);
                String valueOf = String.valueOf(SignUpdate);
                throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
            } catch (Exception e) {
                throw new PKIException("8195", PKIException.SIGN_DES, e);
            }
        } catch (Exception unused2) {
            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] sign(Mechanism mechanism, JKey jKey, byte[] bArr) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("MD5withRSAEncryption") && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals("SHA1withRSAEncryption") && !mechanismType.equals("SHA1withECDSA") && !mechanismType.equals("SHA224withECDSA") && !mechanismType.equals("SHA256withECDSA") && !mechanismType.equals("SHA384withECDSA") && !mechanismType.equals("SHA512withECDSA") && !mechanismType.equals("SHA1withDSA") && !mechanismType.equals(Mechanism.SHA224_DSA) && !mechanismType.equals(Mechanism.SHA256_DSA) && !mechanismType.equals("SM3withSM2Encryption") && !mechanismType.equals("SHA224withRSAEncryption") && !mechanismType.equals("SHA256withRSAEncryption") && !mechanismType.equals("SHA384withRSAEncryption") && !mechanismType.equals("SHA512withRSAEncryption") && !mechanismType.equals(Mechanism.SHA1_RSA_PSS) && !mechanismType.equals(Mechanism.SHA224_RSA_PSS) && !mechanismType.equals(Mechanism.SHA256_RSA_PSS) && !mechanismType.equals(Mechanism.SHA384_RSA_PSS) && !mechanismType.equals(Mechanism.SHA512_RSA_PSS) && !mechanismType.equals(Mechanism.SECP384_r1_RAW) && !mechanismType.equals(Mechanism.SECP384_r1_DER) && !mechanismType.equals(Mechanism.SECP256_r1_RAW) && !mechanismType.equals(Mechanism.SECP256_r1_DER) && !mechanismType.equals(Mechanism.SECP256_k1_RAW) && !mechanismType.equals(Mechanism.SECP256_k1_DER) && !mechanismType.equals("ED25519") && !mechanismType.equals("ED448")) {
            throw new PKIException("8195", "signature operation failed This operation does not support this type of mechanism " + mechanismType);
        }
        if (mechanismType.equals(Mechanism.SECP384_r1_RAW) || mechanismType.equals(Mechanism.SECP384_r1_DER) || mechanismType.equals(Mechanism.SECP256_r1_RAW) || mechanismType.equals(Mechanism.SECP256_r1_DER) || mechanismType.equals(Mechanism.SECP256_k1_RAW) || mechanismType.equals(Mechanism.SECP256_k1_DER)) {
            Mechanism mechanism2 = new Mechanism(mechanism.getSignType());
            if (mechanism2.isDigestabled()) {
                bArr = digestSoft(mechanism2, bArr);
            }
        }
        if (this.CfgTag.isSecpReplaceECDSA()) {
            if ("SHA1withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPriKeyType(jKey);
                bArr = digestSoft(new Mechanism("SHA1"), bArr);
            }
            if ("SHA224withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPriKeyType(jKey);
                bArr = digestSoft(new Mechanism(Mechanism.SHA224), bArr);
            }
            if ("SHA256withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPriKeyType(jKey);
                bArr = digestSoft(new Mechanism("SHA256"), bArr);
            }
            if ("SHA384withECDSA".equals(mechanismType)) {
                String eCDSAPriKeyType = ECDSAParser.getECDSAPriKeyType(jKey);
                bArr = digestSoft(new Mechanism(Mechanism.SHA384), bArr);
                mechanismType = eCDSAPriKeyType;
            }
            if ("SHA512withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPriKeyType(jKey);
                bArr = digestSoft(new Mechanism("SHA512"), bArr);
            }
        }
        byte[] bArr2 = bArr;
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(jKey.getKey() != null ? sign(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr2, this.tag.getBytes()) : sign(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Long.toString(jKey.getKeyID()).getBytes(), bArr2, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SignData");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            byte[] decode = Hex.decode(property);
            return (Mechanism.SECP256_r1_DER.equals(mechanismType) || Mechanism.SECP256_k1_DER.equals(mechanismType) || Mechanism.SECP384_r1_DER.equals(mechanismType)) ? Util.convertHardSignData2SoftSignData(decode) : decode;
        } catch (Exception unused) {
            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public byte[] signHash(Mechanism mechanism, JKey jKey, byte[] bArr) {
        throw new PKIException("8195", "failed signature signature operationfunction not support in JHARDLib");
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean updateKeyPair(Mechanism mechanism, JKey jKey, JKey jKey2, int i) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("RSA") && !mechanismType.equals("SM2")) {
            throw new PKIException("8198195", "Replacement key pair failed This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(updateKeyPair(JavaToJNIMechanismType(mechanismType), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), Parser.softKey2HardCustomKey(jKey2.getKeyType(), jKey2.getKey()), i, this.CfgTag.getNoExportRSAPubKeyValue().getBytes(), this.CfgTag.getNoExportRSAPriKeyValue().getBytes(), this.CfgTag.getNoExportRSAKeyValue().getBytes(), this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            if (property.equals("0")) {
                return true;
            }
            throw new PKIException("8198195", PKIException.UPDATE_KEYPAIR_RES, (Exception) new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException("8198195", PKIException.UPDATE_KEYPAIR_RES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    public boolean updateKeyPairEx(JKey jKey, byte[] bArr, String str, Mechanism mechanism, byte[] bArr2, Mechanism mechanism2, JKey jKey2, int i, boolean z) {
        Mechanism mechanism3;
        JKey jKey3;
        byte[] softKey2HardCustomKey;
        byte[] bytes;
        byte[] bArr3;
        byte[] bArr4;
        byte[] bArr5;
        if (jKey == null || bArr == null || bArr2 == null) {
            throw new PKIException("8198195", "Replacement key pair failed parameter is incomplete");
        }
        if (!str.equals(JKey.RSA_PRV_KEY) && !str.equals(JKey.SM2_PRV_KEY)) {
            throw new PKIException("8198195", "Replacement key pair failed This operation does not support this type of mechanism " + str);
        }
        if (jKey2 == null) {
            GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
            genKeyAttribute.setIsExport(false);
            genKeyAttribute.setKeyNum(i);
            genKeyAttribute.setIsSign(1);
            Mechanism mechanism4 = str.equals(JKey.RSA_PRV_KEY) ? new Mechanism("RSA") : new Mechanism("SM2");
            mechanism4.setParam(genKeyAttribute);
            jKey3 = generateKeyPair(mechanism4, 0).getPrivateKey();
            mechanism3 = mechanism;
        } else {
            mechanism3 = mechanism;
            jKey3 = jKey2;
        }
        byte[] decrypt = decrypt(mechanism3, jKey3, bArr2);
        if (decrypt == null) {
            throw new PKIException("8198195", "Replacement key pair failed decrypt syskey error.");
        }
        String encMech2KeyType = encMech2KeyType(mechanism2);
        if (encMech2KeyType == null) {
            throw new PKIException("8198195", "Replacement key pair failed unkown syskey type.");
        }
        JKey jKey4 = new JKey(encMech2KeyType, decrypt);
        long j = str.equals(JKey.RSA_PRV_KEY) ? 0L : SW_SM2;
        mechanism2.setPad(false);
        byte[] decrypt2 = decrypt(mechanism2, jKey4, bArr);
        if (str.equals(JKey.RSA_PRV_KEY)) {
            softKey2HardCustomKey = Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey());
            bArr5 = Parser.softKey2HardCustomKey(JKey.RSA_PRV_KEY, decrypt2);
            byte[] bytes2 = this.CfgTag.getNoExportRSAPubKeyValue().getBytes();
            byte[] bytes3 = this.CfgTag.getNoExportRSAPriKeyValue().getBytes();
            bytes = this.CfgTag.getNoExportRSAKeyValue().getBytes();
            bArr3 = bytes2;
            bArr4 = bytes3;
        } else {
            softKey2HardCustomKey = Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey());
            byte[] bArr6 = new byte[32];
            System.arraycopy(decrypt2, 32, bArr6, 0, decrypt2.length - 32);
            byte[] bytes4 = this.CfgTag.getNoExportSM2EncPubKeyValue().getBytes();
            byte[] bytes5 = this.CfgTag.getNoExportSM2EncPriKeyValue().getBytes();
            bytes = this.CfgTag.getNoExportRSAKeyValue().getBytes();
            bArr3 = bytes4;
            bArr4 = bytes5;
            bArr5 = bArr6;
        }
        byte[] bArr7 = bytes;
        byte[] bArr8 = softKey2HardCustomKey;
        try {
            byte[] hardKey2SoftPubKey = Util.hardKey2SoftPubKey(jKey);
            byte[] bArr9 = new byte[hardKey2SoftPubKey.length - 1];
            System.arraycopy(hardKey2SoftPubKey, 1, bArr9, 0, hardKey2SoftPubKey.length - 1);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(updateKeyPair(j, bArr8, Parser.softKey2HardCustomKey(JKey.SM2_PRV_KEY, ECDSAParser.customData2SoftECPrivKey(bArr9, bArr5)), i, bArr3, bArr4, bArr7, this.tag.getBytes()));
            Properties properties = new Properties();
            try {
                properties.load(byteArrayInputStream);
                String property = properties.getProperty("Error");
                if (property.equals("0")) {
                    return true;
                }
                throw new PKIException("8198195", PKIException.UPDATE_KEYPAIR_RES, (Exception) new PKIException(property, errorDesc(property)));
            } catch (Exception unused) {
                throw new PKIException("8198195", PKIException.UPDATE_KEYPAIR_RES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
            }
        } catch (Exception e) {
            throw new PKIException("8198195", "Replacement key pair failed get ecpoint error", e);
        }
    }

    public boolean updateKeyPairEx_sm2wraped(JKey jKey, byte[] bArr, int i, boolean z) {
        Mechanism mechanism;
        if (bArr == null) {
            throw new PKIException("8198195", "Replacement key pair failed parameter is incomplete");
        }
        ASN1Sequence dERSequence = DERSequence.getInstance(Parser.writeBytes2DERObj(bArr));
        if (dERSequence.size() != 4) {
            throw new PKIException("8198195", "Replacement key pair failed unkown wrapedData");
        }
        String id = AlgorithmIdentifier.getInstance(dERSequence.getObjectAt(0)).getObjectId().getId();
        JKey jKey2 = new JKey();
        if (id.equals(PKCSObjectIdentifiers.gm_SM4.getId())) {
            mechanism = new Mechanism(Mechanism.SM4_ECB);
            jKey2.setKeyType("SM4");
        } else if (id.equals(PKCSObjectIdentifiers.gm_SM1.getId())) {
            mechanism = new Mechanism("SCB2_ECB");
            jKey2.setKeyType("SCB2");
        } else {
            if (!id.equals(PKCSObjectIdentifiers.gm_SSF33.getId())) {
                throw new PKIException("8198195", "Replacement key pair failed unsupported sys encrypt mech");
            }
            mechanism = new Mechanism(Mechanism.SF33_ECB);
            jKey2.setKeyType("SF33");
        }
        Mechanism mechanism2 = mechanism;
        byte[] writeDERObj2Bytes = Parser.writeDERObj2Bytes(dERSequence.getObjectAt(1));
        byte[] bytes = ((DERBitString) dERSequence.getObjectAt(3)).getBytes();
        if (writeDERObj2Bytes == null || bytes == null) {
            throw new PKIException("8198195", "Replacement key pair failed unkown wrapedData");
        }
        return updateKeyPairEx(jKey, bytes, JKey.SM2_PRV_KEY, new Mechanism(Mechanism.SM2_RAW), writeDERObj2Bytes, mechanism2, null, i, z);
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean verifyMac(Mechanism mechanism, JKey jKey, InputStream inputStream, byte[] bArr) {
        throw new PKIException(PKIException.GET_CERT_OBJECT, "Verify MAC operation failed verifyMac() JHardLib didn't support Stream-Operation yet. ");
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean verifyMac(Mechanism mechanism, JKey jKey, byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Method verifyMac() not yet implemented.");
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean verifySign(Mechanism mechanism, JKey jKey, InputStream inputStream, byte[] bArr) {
        int VerifyUpdate;
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("MD5withRSAEncryption") && !mechanismType.equals(Mechanism.RSA_PKCS) && !mechanismType.equals("SHA1withRSAEncryption") && !mechanismType.equals("SHA1withECDSA") && !mechanismType.equals("SHA224withECDSA") && !mechanismType.equals("SHA256withECDSA") && !mechanismType.equals("SHA1withDSA") && !mechanismType.equals(Mechanism.SHA224_DSA) && !mechanismType.equals(Mechanism.SHA256_DSA) && !mechanismType.equals("SM3withSM2Encryption") && !mechanismType.equals("SHA224withRSAEncryption") && !mechanismType.equals("SHA256withRSAEncryption") && !mechanismType.equals("SHA384withRSAEncryption") && !mechanismType.equals("SHA512withRSAEncryption")) {
            throw new PKIException("8196", "Verify signature failed operation This operation does not support this type of mechanism " + mechanismType);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(VerifyInit(JavaToJNIMechanismType(mechanismType), JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), null, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("SessInfo");
            String property2 = properties.getProperty("Error");
            if (!property2.equals("0") || property == null) {
                throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(property2, errorDesc(property2)));
            }
            long parseLong = Long.parseLong(property);
            try {
                byte[] bArr2 = new byte[1024];
                do {
                    int read = inputStream.read(bArr2);
                    if (read <= 0) {
                        int VerifyFinal = VerifyFinal(parseLong, bArr, this.tag.getBytes());
                        if (VerifyFinal == 0) {
                            return true;
                        }
                        if (192 == VerifyFinal) {
                            return false;
                        }
                        String valueOf = String.valueOf(VerifyFinal);
                        throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(valueOf, errorDesc(valueOf)));
                    }
                    byte[] bArr3 = new byte[read];
                    System.arraycopy(bArr2, 0, bArr3, 0, read);
                    VerifyUpdate = VerifyUpdate(parseLong, bArr3, this.tag.getBytes());
                } while (VerifyUpdate == 0);
                String valueOf2 = String.valueOf(VerifyUpdate);
                throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(valueOf2, errorDesc(valueOf2)));
            } catch (Exception e) {
                throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, e);
            }
        } catch (Exception unused) {
            throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean verifySign(Mechanism mechanism, JKey jKey, byte[] bArr, byte[] bArr2) {
        String mechanismType = mechanism.getMechanismType();
        if (!mechanismType.equals("MD5withRSAEncryption") && !mechanismType.equals("SHA1withRSAEncryption") && !mechanismType.equals("SHA1withECDSA") && !mechanismType.equals("SHA224withECDSA") && !mechanismType.equals("SHA256withECDSA") && !mechanismType.equals("SHA384withECDSA") && !mechanismType.equals("SHA512withECDSA") && !mechanismType.equals("SHA1withDSA") && !mechanismType.equals(Mechanism.SHA224_DSA) && !mechanismType.equals(Mechanism.SHA256_DSA) && !mechanismType.equals("SM3withSM2Encryption") && !mechanismType.equals("SHA224withRSAEncryption") && !mechanismType.equals("SHA256withRSAEncryption") && !mechanismType.equals("SHA384withRSAEncryption") && !mechanismType.equals("SHA512withRSAEncryption") && !mechanismType.equals(Mechanism.SHA1_RSA_PSS) && !mechanismType.equals(Mechanism.SHA224_RSA_PSS) && !mechanismType.equals(Mechanism.SHA256_RSA_PSS) && !mechanismType.equals(Mechanism.SHA384_RSA_PSS) && !mechanismType.equals(Mechanism.SHA512_RSA_PSS) && !mechanismType.equals(Mechanism.SECP384_r1_RAW) && !mechanismType.equals(Mechanism.SECP384_r1_DER) && !mechanismType.equals(Mechanism.SECP256_r1_RAW) && !mechanismType.equals(Mechanism.SECP256_r1_DER) && !mechanismType.equals(Mechanism.SECP256_k1_RAW) && !mechanismType.equals(Mechanism.SECP256_k1_DER) && !mechanismType.equals("ED25519") && !mechanismType.equals("ED448")) {
            throw new PKIException("8196", "Verify signature failed operation This operation does not support this type of mechanism " + mechanismType);
        }
        if (mechanismType.equals(Mechanism.SECP384_r1_RAW) || mechanismType.equals(Mechanism.SECP384_r1_DER) || mechanismType.equals(Mechanism.SECP256_r1_RAW) || mechanismType.equals(Mechanism.SECP256_r1_DER) || mechanismType.equals(Mechanism.SECP256_k1_RAW) || mechanismType.equals(Mechanism.SECP256_k1_DER)) {
            Mechanism mechanism2 = new Mechanism(mechanism.getSignType());
            if (mechanism2.isDigestabled()) {
                bArr = digestSoft(mechanism2, bArr);
            }
        }
        if (this.CfgTag.isSecpReplaceECDSA()) {
            if ("SHA1withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPubKeyType(jKey);
                bArr = digestSoft(new Mechanism("SHA1"), bArr);
            }
            if ("SHA224withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPubKeyType(jKey);
                bArr = digestSoft(new Mechanism(Mechanism.SHA224), bArr);
            }
            if ("SHA256withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPubKeyType(jKey);
                bArr = digestSoft(new Mechanism("SHA256"), bArr);
            }
            if ("SHA384withECDSA".equals(mechanismType)) {
                String eCDSAPubKeyType = ECDSAParser.getECDSAPubKeyType(jKey);
                bArr = digestSoft(new Mechanism(Mechanism.SHA384), bArr);
                mechanismType = eCDSAPubKeyType;
            }
            if ("SHA512withECDSA".equals(mechanismType)) {
                mechanismType = ECDSAParser.getECDSAPubKeyType(jKey);
                bArr = digestSoft(new Mechanism("SHA512"), bArr);
            }
        }
        byte[] bArr3 = bArr;
        long JavaToJNIMechanismType = JavaToJNIMechanismType(mechanismType);
        if (Mechanism.SECP256_r1_DER.equals(mechanismType) || Mechanism.SECP256_k1_DER.equals(mechanismType) || Mechanism.SECP384_r1_DER.equals(mechanismType)) {
            bArr2 = Util.convertSoftSignData2HardSignData(bArr2);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(verifySign(JavaToJNIMechanismType, JavaToJNIKeyType(jKey.getKeyType()), Parser.softKey2HardCustomKey(jKey.getKeyType(), jKey.getKey()), bArr3, bArr2, this.tag.getBytes()));
        Properties properties = new Properties();
        try {
            properties.load(byteArrayInputStream);
            String property = properties.getProperty("Error");
            if (property.equals("0")) {
                return true;
            }
            throw new PKIException("8196", PKIException.VERIFY_SIGN_DES, (Exception) new PKIException(property, errorDesc(property)));
        } catch (Exception unused) {
            throw new PKIException("8195", PKIException.SIGN_DES, (Exception) new PKIException(JIT_PARSE_FAIL, errorDesc(JIT_PARSE_FAIL)));
        }
    }

    @Override // cn.com.jit.ida.util.pki.cipher.Session
    public boolean verifySignHash(Mechanism mechanism, JKey jKey, byte[] bArr, byte[] bArr2) {
        throw new PKIException("8196", "failed verify signature operationfunction not support in JHARDLib");
    }
}
