package cfca.util.cipher.lib;

import cfca.asn1.parser.BigFileCipherUtil;
import cfca.internal.tool.HashEncoderUtil;
import cfca.org.slf4j.Logger;
import cfca.org.slf4j.LoggerFactory;
import cfca.rsa.envelope.RSASymmetricCryptoUtil;
import cfca.rsa.signature.RSAPackageUtil;
import cfca.sm2.envelope.SM2SymmetricCryptoUtil;
import cfca.sm2.signature.SM2PrivateKey;
import cfca.sm2.signature.SM2PublicKey;
import cfca.sm2rsa.common.Mechanism;
import cfca.sm2rsa.common.PKIException;
import cfca.system.Debugger;
import cfca.system.SM2Compatible;
import cfca.util.HashUtil;
import java.io.File;
import java.security.Key;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:cfca/util/cipher/lib/BaseLib.class */
public abstract class BaseLib implements Session {
    static final Logger logger;
    static final int encryptedType_SM2 = 1;
    static final int encryptedType_RSA = 2;
    static final int encryptedType_DES_RC4 = 17;
    static final int encryptedType_SM4 = 18;
    static final HashMap hashSignatureAlgorithms;
    static final HashMap hashEncryptedAlgorithms;

    static final boolean hasSignatureAlgorithm(String str) {
        return hashSignatureAlgorithms.containsKey(str);
    }

    @Override // cfca.util.cipher.lib.Session
    public final KeyPair generateKeyPair(Mechanism mechanism, int i) throws PKIException {
        KeyPair RSAGenerateKeyPair;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("generateKeyPair>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n keyLength: " + i);
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if ("SM2".equals(mechanism.getMechanismType())) {
                logger.debug("generateKeyPair::::::SM2");
                RSAGenerateKeyPair = SM2GenerateKeyPair();
            } else {
                if (!"RSA".equals(mechanism.getMechanismType())) {
                    throw new PKIException("GenerateKeyPair failure with invalid MechanismType=" + mechanism.getMechanismType());
                }
                logger.debug("generateKeyPai::::::RSA");
                RSAGenerateKeyPair = RSAGenerateKeyPair(i);
            }
            logger.debug("generateKeyPair<<<<<<Finished");
            return RSAGenerateKeyPair;
        } catch (PKIException e) {
            logger.error("generateKeyPair<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("generateKeyPair<<<<<<Failure", (Throwable) e2);
            throw new PKIException(e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] sign(Mechanism mechanism, PrivateKey privateKey, byte[] bArr, boolean z) throws PKIException {
        byte[] RSASignEncrypt;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sign>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n priKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n sm2WithZFlag: " + z);
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (privateKey == null) {
                throw new PKIException("null not allowed for priKey");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for sourceData");
            }
            String mechanismType = mechanism.getMechanismType();
            if (!hasSignatureAlgorithm(mechanismType)) {
                throw new PKIException("850205", "签名操作失败 本操作不支持此种机制类型 " + mechanismType);
            }
            if ("SM3withSM2".equals(mechanismType)) {
                if (!(privateKey instanceof SM2PrivateKey)) {
                    throw new PKIException("The private key type is not sm2 type!");
                }
                SM2PrivateKey sM2PrivateKey = (SM2PrivateKey) privateKey;
                byte[] sm2HashMessage = HashUtil.sm2HashMessage(sM2PrivateKey.getSM2PublicKey(), bArr, z);
                if (logger.isDebugEnabled()) {
                    logger.debug("sign<<<<<<hash=" + Debugger.dump(sm2HashMessage));
                }
                RSASignEncrypt = SM2Sign(sm2HashMessage, sM2PrivateKey);
            } else {
                if (!(privateKey instanceof RSAPrivateKey)) {
                    throw new PKIException("The private key type is not rsa type!");
                }
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) privateKey;
                byte[] rsaHashMessageDER = HashUtil.rsaHashMessageDER(bArr, mechanism);
                if (logger.isDebugEnabled()) {
                    logger.debug("sign<<<<<<hash=" + Debugger.dump(rsaHashMessageDER));
                }
                RSASignEncrypt = RSASignEncrypt(rSAPrivateKey, rsaHashMessageDER);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("sign<<<<<<Finished,signValue=" + Debugger.dump(RSASignEncrypt));
            }
            return RSASignEncrypt;
        } catch (PKIException e) {
            logger.error("sign<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("sign<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850205", "签名操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] sign(Mechanism mechanism, PrivateKey privateKey, String str, boolean z) throws PKIException {
        byte[] RSASignEncrypt;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("sign>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n priKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sm2WithZFlag: " + z);
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (privateKey == null) {
                throw new PKIException("null not allowed for priKey");
            }
            if (str == null) {
                throw new PKIException("null not allowed for sourceFilePath");
            }
            String mechanismType = mechanism.getMechanismType();
            if (!hasSignatureAlgorithm(mechanismType)) {
                throw new PKIException("850205", "签名操作失败 本操作不支持此种机制类型 " + mechanismType);
            }
            if ("SM3withSM2".equals(mechanismType)) {
                if (!(privateKey instanceof SM2PrivateKey)) {
                    throw new PKIException("The private key type is not sm2 type!");
                }
                SM2PrivateKey sM2PrivateKey = (SM2PrivateKey) privateKey;
                byte[] sm2HashFile = HashUtil.sm2HashFile(sM2PrivateKey.getSM2PublicKey(), str, z);
                if (logger.isDebugEnabled()) {
                    logger.debug("sign<<<<<<hash=" + Debugger.dump(sm2HashFile));
                }
                RSASignEncrypt = SM2Sign(sm2HashFile, sM2PrivateKey);
            } else {
                if (!(privateKey instanceof RSAPrivateKey)) {
                    throw new PKIException("The private key type is not rsa type!");
                }
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) privateKey;
                byte[] rsaHashFileDER = HashUtil.rsaHashFileDER(str, mechanism);
                if (logger.isDebugEnabled()) {
                    logger.debug("sign<<<<<<hash=" + Debugger.dump(rsaHashFileDER));
                }
                RSASignEncrypt = RSASignEncrypt(rSAPrivateKey, rsaHashFileDER);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("sign<<<<<<Finished,signValue=" + Debugger.dump(RSASignEncrypt));
            }
            return RSASignEncrypt;
        } catch (PKIException e) {
            logger.error("sign<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("sign<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850205", "签名操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final boolean verifySign(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        boolean isRSAHashEqual;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifySign>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n pubKey: ");
            stringBuffer.append(Debugger.dump(publicKey));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(Debugger.dump(bArr2));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (publicKey == null) {
                throw new PKIException("null not allowed for pubKey");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for sourceData");
            }
            if (bArr2 == null) {
                throw new PKIException("null not allowed for signData");
            }
            String mechanismType = mechanism.getMechanismType();
            if (!hasSignatureAlgorithm(mechanismType)) {
                throw new PKIException("850205", "签名操作失败 本操作不支持此种机制类型 " + mechanismType);
            }
            if ("SM3withSM2".equals(mechanismType)) {
                if (!(publicKey instanceof SM2PublicKey)) {
                    throw new PKIException("The public key type is not sm2 type!");
                }
                SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
                if (64 == bArr2.length) {
                    byte[] SM3HashMessage = SM3HashMessage(sM2PublicKey, bArr, true);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[withZ]Hash=" + Debugger.dump(SM3HashMessage));
                    }
                    isRSAHashEqual = SM2Verify(SM3HashMessage, bArr2, sM2PublicKey);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[withZ]verifyResult=" + isRSAHashEqual);
                    }
                    if (!isRSAHashEqual) {
                        byte[] SM3HashMessage2 = SM3HashMessage(sM2PublicKey, bArr, false);
                        if (logger.isDebugEnabled()) {
                            logger.debug("verifySign<<<<<<[noneZ]Hash=" + Debugger.dump(SM3HashMessage2));
                        }
                        isRSAHashEqual = SM2Verify(SM3HashMessage2, bArr2, sM2PublicKey);
                        if (logger.isDebugEnabled()) {
                            logger.debug("verifySign<<<<<<[noneZ]verifyResult=" + isRSAHashEqual);
                        }
                    }
                } else {
                    if (128 != bArr2.length) {
                        throw new PKIException("the sm2 signature length must be 64 or 128 bytes!");
                    }
                    byte[] sm2HashMessage = HashUtil.sm2HashMessage(sM2PublicKey, bArr, true);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[CMBC-Custom]SM2Operation: hash=" + Debugger.dump(sm2HashMessage));
                    }
                    isRSAHashEqual = SM2CMBCVerify(sM2PublicKey, bArr2, sm2HashMessage);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[CMBC-Custom]SM2Operation,Finished=" + isRSAHashEqual);
                    }
                }
            } else {
                if (!(publicKey instanceof RSAPublicKey)) {
                    throw new PKIException("The public key type is not rsa type!");
                }
                byte[] rsaHashMessageDER = HashUtil.rsaHashMessageDER(bArr, mechanism);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifySign<<<<<<[RSA]SourceHash=" + Debugger.dump(rsaHashMessageDER));
                }
                byte[] RSAVerifyDecrypt = RSAVerifyDecrypt((RSAPublicKey) publicKey, bArr2);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifySign<<<<<<[RSA]DecryptHash=" + Debugger.dump(RSAVerifyDecrypt));
                }
                isRSAHashEqual = RSAPackageUtil.isRSAHashEqual(RSAVerifyDecrypt, rsaHashMessageDER);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifySign<<<<<<[RSA]verifyResult=" + isRSAHashEqual);
                }
            }
            if (logger.isDebugEnabled()) {
                logger.debug("verifySign<<<<<<Finished,verifyResult=" + isRSAHashEqual);
            }
            return isRSAHashEqual;
        } catch (PKIException e) {
            logger.error("verifySign<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("verifySign<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850206", "验证签名操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final boolean verifySign(Mechanism mechanism, PublicKey publicKey, String str, byte[] bArr) throws PKIException {
        boolean isRSAHashEqual;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifySign>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n pubKey: ");
            stringBuffer.append(Debugger.dump(publicKey));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(Debugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (publicKey == null) {
                throw new PKIException("null not allowed for pubKey");
            }
            if (str == null) {
                throw new PKIException("null not allowed for sourceFilePath");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for signData");
            }
            String mechanismType = mechanism.getMechanismType();
            if (!hasSignatureAlgorithm(mechanismType)) {
                throw new PKIException("850205", "签名操作失败 本操作不支持此种机制类型 " + mechanismType);
            }
            if ("SM3withSM2".equals(mechanismType)) {
                if (!(publicKey instanceof SM2PublicKey)) {
                    throw new PKIException("The public key type is not sm2 type!");
                }
                SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
                if (bArr.length == 64) {
                    byte[] sm2HashFile = HashUtil.sm2HashFile(sM2PublicKey, str, true);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[withZ]Hash=" + Debugger.dump(sm2HashFile));
                    }
                    isRSAHashEqual = SM2Verify(sm2HashFile, bArr, sM2PublicKey);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[withZ]verifyResult=" + isRSAHashEqual);
                    }
                    if (!isRSAHashEqual) {
                        byte[] sm2HashFile2 = HashUtil.sm2HashFile(sM2PublicKey, str, false);
                        if (logger.isDebugEnabled()) {
                            logger.debug("verifySign<<<<<<[noneZ]Hash=" + Debugger.dump(sm2HashFile2));
                        }
                        isRSAHashEqual = SM2Verify(sm2HashFile2, bArr, sM2PublicKey);
                        if (logger.isDebugEnabled()) {
                            logger.debug("verifySign<<<<<<[noneZ]verifyResult=" + isRSAHashEqual);
                        }
                    }
                } else {
                    byte[] sm2HashFile3 = HashUtil.sm2HashFile(sM2PublicKey, str, true);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[CMBC-Custom]SM2Operation: hash=" + Debugger.dump(sm2HashFile3));
                    }
                    isRSAHashEqual = SM2CMBCVerify(sM2PublicKey, bArr, sm2HashFile3);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifySign<<<<<<[CMBC-Custom]SM2Operation: verifyResult=" + isRSAHashEqual);
                    }
                }
            } else {
                if (!(publicKey instanceof RSAPublicKey)) {
                    throw new PKIException("The public key type is not rsa type!");
                }
                byte[] rsaHashFileDER = HashUtil.rsaHashFileDER(str, mechanism);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifySign<<<<<<[RSA]SourceHash=" + Debugger.dump(rsaHashFileDER));
                }
                byte[] RSAVerifyDecrypt = RSAVerifyDecrypt((RSAPublicKey) publicKey, bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifySign<<<<<<[RSA]DecryptHash=" + Debugger.dump(RSAVerifyDecrypt));
                }
                isRSAHashEqual = RSAPackageUtil.isRSAHashEqual(RSAVerifyDecrypt, rsaHashFileDER);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifySign<<<<<<[RSA]verifyResult=" + isRSAHashEqual);
                }
            }
            if (logger.isDebugEnabled()) {
                logger.debug("verifySign<<<<<<Finished,verifyResult=" + isRSAHashEqual);
            }
            return isRSAHashEqual;
        } catch (PKIException e) {
            logger.error("verifySign<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("verifySign<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850206", "验证签名操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] signByHash(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        byte[] RSASignEncrypt;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("signByHash>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n priKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n rawHashValue: ");
            stringBuffer.append(Debugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (privateKey == null) {
                throw new PKIException("null not allowed for priKey");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for digest");
            }
            String mechanismType = mechanism.getMechanismType();
            if (!hasSignatureAlgorithm(mechanismType)) {
                throw new PKIException("850205", "签名操作失败 本操作不支持此种机制类型 " + mechanismType);
            }
            if ("SM3withSM2".equals(mechanismType)) {
                if (!(privateKey instanceof SM2PrivateKey)) {
                    throw new PKIException("The private key type is not sm2 type!");
                }
                SM2PrivateKey sM2PrivateKey = (SM2PrivateKey) privateKey;
                if (logger.isDebugEnabled()) {
                    logger.debug("signByHash<<<<<<hash=" + Debugger.dump(bArr));
                }
                RSASignEncrypt = SM2Sign(bArr, sM2PrivateKey);
            } else {
                if (!(privateKey instanceof RSAPrivateKey)) {
                    throw new PKIException("The private key type is not rsa type!");
                }
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) privateKey;
                byte[] derEncoder = HashEncoderUtil.derEncoder(mechanismType, bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("signByHash<<<<<<hash=" + Debugger.dump(derEncoder));
                }
                RSASignEncrypt = RSASignEncrypt(rSAPrivateKey, derEncoder);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("signByHash<<<<<<Finished,signValue=" + Debugger.dump(RSASignEncrypt));
            }
            return RSASignEncrypt;
        } catch (PKIException e) {
            logger.error("signByHash<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("signByHash<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850205", "签名操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final boolean verifyByHash(Mechanism mechanism, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws PKIException {
        boolean isRSAHashEqual;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("verifyByHash>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n pubKey: ");
            stringBuffer.append(Debugger.dump(publicKey));
            stringBuffer.append("\n rawHashValue: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n signData: ");
            stringBuffer.append(Debugger.dump(bArr2));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (publicKey == null) {
                throw new PKIException("null not allowed for pubKey");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for digest");
            }
            if (bArr2 == null) {
                throw new PKIException("null not allowed for signData");
            }
            String mechanismType = mechanism.getMechanismType();
            if (!hasSignatureAlgorithm(mechanismType)) {
                throw new PKIException("850205", "签名操作失败 本操作不支持此种机制类型 " + mechanismType);
            }
            if ("SM3withSM2".equals(mechanismType)) {
                if (!(publicKey instanceof SM2PublicKey)) {
                    throw new PKIException("The public key type is not sm2 type!");
                }
                SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
                if (bArr2.length == 64) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifyByHash<<<<<<Hash=" + Debugger.dump(bArr));
                    }
                    isRSAHashEqual = SM2Verify(bArr, bArr2, sM2PublicKey);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifyByHash<<<<<<verifyResult=" + isRSAHashEqual);
                    }
                } else {
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifyByHash<<<<<<[CMBC-Custom]SM2Operation: hash=" + Debugger.dump(bArr));
                    }
                    isRSAHashEqual = SM2CMBCVerify(sM2PublicKey, bArr2, bArr);
                    if (logger.isDebugEnabled()) {
                        logger.debug("verifyByHash<<<<<<[CMBC-Custom]SM2Operation: verifyResult=" + isRSAHashEqual);
                    }
                }
            } else {
                if (!(publicKey instanceof RSAPublicKey)) {
                    throw new PKIException("The public key type is not rsa type!");
                }
                byte[] derEncoder = HashEncoderUtil.derEncoder(mechanismType, bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash<<<<<<[RSA]SourceHash=" + Debugger.dump(derEncoder));
                }
                byte[] RSAVerifyDecrypt = RSAVerifyDecrypt((RSAPublicKey) publicKey, bArr2);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash<<<<<<[RSA]DecryptHash=" + Debugger.dump(RSAVerifyDecrypt));
                }
                isRSAHashEqual = RSAPackageUtil.isRSAHashEqual(RSAVerifyDecrypt, derEncoder);
                if (logger.isDebugEnabled()) {
                    logger.debug("verifyByHash<<<<<<[RSA]verifyResult=" + isRSAHashEqual);
                }
            }
            if (logger.isDebugEnabled()) {
                logger.debug("verifyByHash<<<<<<Finished,verifyResult=" + isRSAHashEqual);
            }
            return isRSAHashEqual;
        } catch (PKIException e) {
            logger.error("verifyByHash<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("verifyByHash<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850206", "验证签名操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] encrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        byte[] cryptoUtil;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("encrypt>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n key: ");
            stringBuffer.append(Debugger.dump(key));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (key == null) {
                throw new PKIException("null not allowed for key");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for sourceData");
            }
            String mechanismType = mechanism.getMechanismType();
            Integer num = (Integer) hashEncryptedAlgorithms.get(mechanismType);
            if (num == null) {
                throw new PKIException("850200", "加密操作失败 本操作不支持此种机制类型" + mechanismType);
            }
            switch (num.intValue()) {
                case 1:
                    logger.debug("encrypt<<<<<<SM2Encrypt");
                    cryptoUtil = SM2Encrypt((SM2PublicKey) key, bArr);
                    break;
                case 2:
                    logger.debug("encrypt<<<<<<RSAEncrypt");
                    cryptoUtil = RSAEncrypt((RSAPublicKey) key, bArr, mechanism);
                    break;
                case 17:
                    logger.debug("encrypt<<<<<<RC4/DES3");
                    cryptoUtil = RSASymmetricCryptoUtil.encrypt(key.getEncoded(), bArr, mechanism);
                    break;
                case 18:
                    logger.debug("encrypt<<<<<<SM4");
                    cryptoUtil = SM2SymmetricCryptoUtil.cryptoUtil(true, key.getEncoded(), bArr, mechanism);
                    break;
                default:
                    throw new PKIException("850200", "加密操作失败 本操作不支持此种机制类型" + mechanismType);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("encrypt<<<<<<Finished,encryptedData=" + Debugger.dump(cryptoUtil));
            }
            return cryptoUtil;
        } catch (PKIException e) {
            logger.error("encrypt<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("encrypt<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850200", "加密操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] decrypt(Mechanism mechanism, Key key, byte[] bArr) throws PKIException {
        byte[] cryptoUtil;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("decrypt>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n key: ");
            stringBuffer.append(Debugger.dump(key));
            stringBuffer.append("\n encryptData: ");
            stringBuffer.append(Debugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (key == null) {
                throw new PKIException("null not allowed for key");
            }
            if (bArr == null) {
                throw new PKIException("null not allowed for encryptData");
            }
            String mechanismType = mechanism.getMechanismType();
            Integer num = (Integer) hashEncryptedAlgorithms.get(mechanismType);
            if (num == null) {
                throw new PKIException("850201", "解密操作失败 本操作不支持此种机制类型" + mechanismType);
            }
            switch (num.intValue()) {
                case 1:
                    logger.debug("decrypt<<<<<<SM2Decrypt");
                    cryptoUtil = SM2Decrypt((SM2PrivateKey) key, bArr);
                    break;
                case 2:
                    logger.debug("decrypt<<<<<<RSADecrypt");
                    cryptoUtil = RSADecrypt((RSAPrivateKey) key, bArr, mechanism);
                    break;
                case 17:
                    logger.debug("decrypt<<<<<<RC4/DES3");
                    cryptoUtil = RSASymmetricCryptoUtil.decrypt(key.getEncoded(), bArr, mechanism);
                    break;
                case 18:
                    logger.debug("decrypt<<<<<<SM4");
                    cryptoUtil = SM2SymmetricCryptoUtil.cryptoUtil(false, key.getEncoded(), bArr, mechanism);
                    break;
                default:
                    throw new PKIException("850201", "解密操作失败 本操作不支持此种机制类型" + mechanismType);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("decrypt<<<<<<Finished,decryptedData=" + Debugger.dump(cryptoUtil));
            }
            return cryptoUtil;
        } catch (PKIException e) {
            logger.error("decrypt<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("decrypt<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850201", "解密操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final void encrypt(Mechanism mechanism, Key key, String str, String str2) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("encrypt>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n key: ");
            stringBuffer.append(Debugger.dump(key));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n encryptFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (key == null) {
                throw new PKIException("null not allowed for key");
            }
            if (str == null) {
                throw new PKIException("null not allowed for sourceFilePath");
            }
            if (str2 == null) {
                throw new PKIException("null not allowed for encryptFilePath");
            }
            BigFileCipherUtil.bigFileBlockCipher(true, mechanism, key.getEncoded(), new File(str), new File(str2));
            if (logger.isDebugEnabled()) {
                logger.debug("encrypt<<<<<<Finished");
            }
        } catch (PKIException e) {
            logger.error("encrypt<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("encrypt<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850200", "加密操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final void decrypt(Mechanism mechanism, Key key, String str, String str2) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("decrypt>>>>>>Running");
            stringBuffer.append("\n mechanism: ");
            stringBuffer.append(Debugger.dump(mechanism));
            stringBuffer.append("\n key: ");
            stringBuffer.append(Debugger.dump(key));
            stringBuffer.append("\n encryptFilePath: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n plainTextFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (mechanism == null) {
                throw new PKIException("null not allowed for mechanism");
            }
            if (key == null) {
                throw new PKIException("null not allowed for key");
            }
            if (str == null) {
                throw new PKIException("null not allowed for encryptFilePath");
            }
            if (str2 == null) {
                throw new PKIException("null not allowed for plainTextFilePath");
            }
            BigFileCipherUtil.bigFileBlockCipher(false, mechanism, key.getEncoded(), new File(str), new File(str2));
            if (logger.isDebugEnabled()) {
                logger.debug("decrypt<<<<<<Finished");
            }
        } catch (PKIException e) {
            logger.error("decrypt<<<<<<Failure", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            logger.error("decrypt<<<<<<Failure", (Throwable) e2);
            throw new PKIException("850201", "解密操作失败", e2);
        }
    }

    @Override // cfca.util.cipher.lib.Session
    public final Key generateKey(Mechanism mechanism) throws PKIException {
        return RSASymmetricCryptoUtil.generateSecureKey(mechanism);
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] sign(Mechanism mechanism, PrivateKey privateKey, byte[] bArr) throws PKIException {
        return sign(mechanism, privateKey, bArr, SM2Compatible.isOutputSM2SignedWithZ());
    }

    @Override // cfca.util.cipher.lib.Session
    public final byte[] sign(Mechanism mechanism, PrivateKey privateKey, String str) throws PKIException {
        return sign(mechanism, privateKey, str, SM2Compatible.isOutputSM2SignedWithZ());
    }

    abstract KeyPair SM2GenerateKeyPair() throws PKIException;

    abstract KeyPair RSAGenerateKeyPair(int i) throws PKIException;

    abstract byte[] SM2Sign(byte[] bArr, SM2PrivateKey sM2PrivateKey) throws PKIException;

    abstract boolean SM2Verify(byte[] bArr, byte[] bArr2, SM2PublicKey sM2PublicKey) throws PKIException;

    abstract boolean SM2CMBCVerify(SM2PublicKey sM2PublicKey, byte[] bArr, byte[] bArr2) throws PKIException;

    abstract byte[] SM2Encrypt(SM2PublicKey sM2PublicKey, byte[] bArr) throws PKIException;

    abstract byte[] SM2Decrypt(SM2PrivateKey sM2PrivateKey, byte[] bArr) throws PKIException;

    abstract byte[] SM3HashMessage(SM2PublicKey sM2PublicKey, byte[] bArr, boolean z) throws PKIException;

    abstract byte[] RSASignEncrypt(RSAPrivateKey rSAPrivateKey, byte[] bArr) throws PKIException;

    abstract byte[] RSAVerifyDecrypt(RSAPublicKey rSAPublicKey, byte[] bArr) throws PKIException;

    abstract byte[] RSAEncrypt(RSAPublicKey rSAPublicKey, byte[] bArr, Mechanism mechanism) throws PKIException;

    abstract byte[] RSADecrypt(RSAPrivateKey rSAPrivateKey, byte[] bArr, Mechanism mechanism) throws PKIException;

    static {
        Debugger.setDebugger();
        logger = LoggerFactory.getLogger((Class<?>) BaseLib.class);
        hashSignatureAlgorithms = new HashMap();
        hashEncryptedAlgorithms = new HashMap();
        hashSignatureAlgorithms.put("SM3withSM2", null);
        hashSignatureAlgorithms.put("SHA1withRSAEncryption", null);
        hashSignatureAlgorithms.put("SHA256withRSAEncryption", null);
        hashSignatureAlgorithms.put("SHA512withRSA", null);
        hashSignatureAlgorithms.put("MD5withRSAEncryption", null);
        hashEncryptedAlgorithms.put("SM2", new Integer(1));
        hashEncryptedAlgorithms.put("RSA/ECB/PKCS1PADDING", new Integer(2));
        hashEncryptedAlgorithms.put("DESede/CBC/PKCS7Padding", new Integer(17));
        hashEncryptedAlgorithms.put("DESede/ECB/PKCS7Padding", new Integer(17));
        hashEncryptedAlgorithms.put("RC4", new Integer(17));
        hashEncryptedAlgorithms.put("SM4/CBC/PKCS7Padding", new Integer(18));
        hashEncryptedAlgorithms.put("SM4/ECB/PKCS7Padding", new Integer(18));
    }
}
