package cfca.sm.algorithm;

import cfca.internal.tool.ASN1Parser;
import cfca.org.bouncycastle.asn1.ASN1Encodable;
import cfca.org.bouncycastle.asn1.ASN1EncodableVector;
import cfca.org.bouncycastle.asn1.ASN1Integer;
import cfca.org.bouncycastle.asn1.ASN1OctetString;
import cfca.org.bouncycastle.asn1.ASN1Primitive;
import cfca.org.bouncycastle.asn1.ASN1Sequence;
import cfca.org.bouncycastle.asn1.BERSequence;
import cfca.org.bouncycastle.crypto.modes.CBCBlockCipher;
import cfca.org.bouncycastle.crypto.paddings.PKCS7Padding;
import cfca.org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import cfca.org.bouncycastle.crypto.params.KeyParameter;
import cfca.org.bouncycastle.crypto.params.ParametersWithIV;
import cfca.sm2.signature.SM2PrivateKey;
import cfca.sm2.signature.SM2PublicKey;
import cfca.sm2rsa.common.PKCSObjectIdentifiers;
import cfca.sm2rsa.common.PKIException;
import cfca.util.Base64;
import cfca.util.KeyUtil;
import cfca.x509.certificate.X509Cert;

/* loaded from: input_file:cfca/sm/algorithm/SM2Pfx.class */
public class SM2Pfx implements ASN1Encodable, PKCSObjectIdentifiers {
    private ASN1Sequence privateInfo;
    private ASN1Sequence publicInfo;
    private ASN1OctetString pubOctString;
    private ASN1OctetString priOctString;

    public static SM2Pfx getInstance(Object obj) throws PKIException {
        if (obj == null) {
            throw new IllegalArgumentException("null not allowed for object");
        }
        if (obj instanceof SM2Pfx) {
            return (SM2Pfx) obj;
        }
        if (obj instanceof ASN1Sequence) {
            return new SM2Pfx((ASN1Sequence) obj);
        }
        throw new IllegalArgumentException("unknown object in factory " + obj.getClass().getName());
    }

    public SM2Pfx(ASN1Sequence aSN1Sequence) throws PKIException {
        this.privateInfo = null;
        this.publicInfo = null;
        if (aSN1Sequence.size() == 3) {
            this.privateInfo = (ASN1Sequence) aSN1Sequence.getObjectAt(1);
            this.publicInfo = (ASN1Sequence) aSN1Sequence.getObjectAt(2);
            if (this.privateInfo.size() != 3) {
                throw new PKIException("the sm2 file is not right format,can not get the private part");
            }
            this.priOctString = (ASN1OctetString) this.privateInfo.getObjectAt(2);
            if (this.publicInfo.size() != 2) {
                throw new PKIException("the sm2 file is not right format.can not get the public part");
            }
            this.pubOctString = (ASN1OctetString) this.publicInfo.getObjectAt(1);
        }
    }

    private byte[] KDF(byte[] bArr) {
        byte[] bArr2 = {0, 0, 0, 1};
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(bArr, 0, bArr.length);
        sM3Digest.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[32];
        sM3Digest.doFinal(bArr3, 0);
        return bArr3;
    }

    public SM2PrivateKey getPrivateKey(String str) throws Exception {
        if (str == null) {
            throw new PKIException("the pass word should not be null");
        }
        byte[] KDF = KDF(str.getBytes("UTF8"));
        byte[] bArr = new byte[16];
        System.arraycopy(KDF, 0, bArr, 0, 16);
        byte[] bArr2 = new byte[16];
        System.arraycopy(KDF, 16, bArr2, 0, 16);
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
        paddedBufferedBlockCipher.init(false, new ParametersWithIV(new KeyParameter(bArr2), bArr));
        byte[] octets = this.priOctString.getOctets();
        if (ASN1Parser.isBase64Encode(octets)) {
            octets = Base64.decode(octets);
        }
        int outputSize = paddedBufferedBlockCipher.getOutputSize(octets.length);
        byte[] bArr3 = new byte[outputSize];
        int processBytes = paddedBufferedBlockCipher.processBytes(octets, 0, octets.length, bArr3, 0);
        int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr3, processBytes);
        SM2PublicKey sM2PublicKey = (SM2PublicKey) getPublicCert().getPublicKey();
        byte[] pubX = sM2PublicKey.getPubX();
        byte[] pubY = sM2PublicKey.getPubY();
        if (doFinal >= outputSize) {
            return KeyUtil.getSM2PrivateKey(bArr3, pubX, pubY);
        }
        byte[] bArr4 = new byte[doFinal];
        System.arraycopy(bArr3, 0, bArr4, 0, doFinal);
        return KeyUtil.getSM2PrivateKey(bArr4, pubX, pubY);
    }

    public X509Cert getPublicCert() throws PKIException {
        return new X509Cert(this.pubOctString.getOctets());
    }

    @Override // cfca.org.bouncycastle.asn1.ASN1Encodable
    public ASN1Primitive toASN1Primitive() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(1));
        aSN1EncodableVector.add(this.privateInfo);
        aSN1EncodableVector.add(this.publicInfo);
        return new BERSequence(aSN1EncodableVector);
    }
}
