package com.alipay.mychain.sdk.crypto.envelope;

import com.alipay.mychain.sdk.crypto.AlgoIdEnum;
import com.alipay.mychain.sdk.crypto.cipher.AesGcmCipherV1;
import com.alipay.mychain.sdk.crypto.hash.HashFactory;
import com.alipay.mychain.sdk.crypto.hash.HashTypeEnum;
import com.alipay.mychain.sdk.crypto.keyoperator.Pkcs8KeyOperator;
import com.alipay.mychain.sdk.crypto.keypair.KeyTypeEnum;
import com.alipay.mychain.sdk.crypto.keypair.Keypair;
import com.alipay.mychain.sdk.crypto.pkeycipher.EccK1KDFV1;
import com.alipay.mychain.sdk.crypto.pkeycipher.PkeyCipherBase;
import com.alipay.mychain.sdk.errorcode.ErrorCode;
import com.alipay.mychain.sdk.exception.MychainSdkException;
import com.alipay.mychain.sdk.utils.ByteUtils;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.exception.ExceptionUtils;

/* loaded from: input_file:com/alipay/mychain/sdk/crypto/envelope/EccK1EnvelopeV1.class */
public class EccK1EnvelopeV1 implements EnvelopeBase {
    private static final int IV_LEN = 12;
    private static final int AUTHTAG_LEN = 16;
    private List<PkeyCipherBase> pubkeyList;
    private PkeyCipherBase privkey;
    private HashTypeEnum hashTypeEnum = HashFactory.getHash().getHashType();

    public void setHashTypeEnum(HashTypeEnum hashTypeEnum) {
        this.hashTypeEnum = hashTypeEnum;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public AlgoIdEnum getAlgo() {
        return AlgoIdEnum.ENVELOPE_ECCK1_LOCAL_V1;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public boolean isEncryptor() {
        return (this.pubkeyList == null || this.pubkeyList.isEmpty()) ? false : true;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public boolean isDecryptor() {
        return this.privkey != null;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPkeyCipherList(List<PkeyCipherBase> list) {
        if (list == null || list.isEmpty()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "public keys should not empty");
        }
        if (list.size() > 65535) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "too many public keys");
        }
        this.pubkeyList = new ArrayList();
        for (PkeyCipherBase pkeyCipherBase : list) {
            if (pkeyCipherBase.getAlgo() != AlgoIdEnum.PKEY_KDF_ECCK1_LOCAL_V1) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
            }
            if (!pkeyCipherBase.isEncryptor()) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PUBLIC_KEY, "no public key");
            }
            this.pubkeyList.add(pkeyCipherBase);
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPubkeyList(List<Keypair> list) {
        if (list == null || list.isEmpty()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "public keys should not empty");
        }
        if (list.size() > 65535) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "too many public keys");
        }
        this.pubkeyList = new ArrayList();
        for (Keypair keypair : list) {
            if (keypair.getType() != KeyTypeEnum.KEY_ECCK1_PKCS8) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
            }
            if (!keypair.isPubkey()) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PUBLIC_KEY, "no public key");
            }
            this.pubkeyList.add(new EccK1KDFV1(keypair, this.hashTypeEnum));
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPrivkey(Keypair keypair) {
        if (keypair == null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "keypair should not null");
        }
        if (keypair.getType() != KeyTypeEnum.KEY_ECCK1_PKCS8) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
        }
        if (!keypair.isPrivkey()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        this.privkey = new EccK1KDFV1(keypair, this.hashTypeEnum);
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public void setPrivkey(PkeyCipherBase pkeyCipherBase) {
        if (pkeyCipherBase == null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "pkeyCipher should not null");
        }
        if (pkeyCipherBase.getAlgo() != AlgoIdEnum.PKEY_KDF_ECCK1_LOCAL_V1) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid keypair type!");
        }
        if (!pkeyCipherBase.isDecryptor()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        this.privkey = pkeyCipherBase;
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public byte[] envelopeSeal(byte[] bArr, byte[] bArr2) {
        if (!isEncryptor()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PUBLIC_KEY, "no public keys");
        }
        if (bArr2 != null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "secretKey must null!");
        }
        try {
            int size = this.pubkeyList.size();
            int length = 2 + (72 * size) + 2 + 2 + 12 + 16 + bArr.length;
            byte[] bArr3 = new byte[6 + length];
            Keypair generate = new Pkcs8KeyOperator().generate(KeyTypeEnum.KEY_ECCK1_PKCS8);
            byte[] encrypt = new AesGcmCipherV1(kdf(generate.getPubkeyEncoded())).encrypt(bArr);
            System.arraycopy(getAlgo().toBytes(), 0, bArr3, 0, 2);
            int i = 0 + 2;
            System.arraycopy(ByteUtils.intToBytes(length), 0, bArr3, i, 4);
            int i2 = i + 4;
            int i3 = i2 + 1;
            bArr3[i2] = (byte) ((size >> 8) & 255);
            int i4 = i3 + 1;
            bArr3[i3] = (byte) (size & 255);
            Iterator<PkeyCipherBase> it = this.pubkeyList.iterator();
            while (it.hasNext()) {
                byte[] encrypt2 = it.next().encrypt(generate.getPrivkeyId());
                int i5 = i4;
                int i6 = i4 + 1;
                bArr3[i5] = (byte) ((encrypt2.length >> 8) & 255);
                int i7 = i6 + 1;
                bArr3[i6] = (byte) (encrypt2.length & 255);
                System.arraycopy(encrypt2, 0, bArr3, i7, encrypt2.length);
                i4 = i7 + encrypt2.length;
            }
            int i8 = i4;
            int i9 = i4 + 1;
            bArr3[i8] = (byte) ((encrypt.length >> 8) & 255);
            bArr3[i9] = (byte) (encrypt.length & 255);
            System.arraycopy(encrypt, 0, bArr3, i9 + 1, encrypt.length);
            return bArr3;
        } catch (Exception e) {
            throw new MychainSdkException(ErrorCode.OTHERS, ExceptionUtils.getStackTrace(e));
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.envelope.EnvelopeBase
    public byte[] envelopeOpen(byte[] bArr, byte[] bArr2) {
        if (!isDecryptor()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        if (bArr == null || bArr.length < 8) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid cipher text!");
        }
        if (bArr2 != null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "secretKey must null!");
        }
        if (AlgoIdEnum.valueOf(bArr) != getAlgo()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid algoid!");
        }
        try {
            int i = 2 + 4;
            if (ByteUtils.byteArrayToInt(Arrays.copyOfRange(bArr, 2, 2 + 4)) != bArr.length - i) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid totalSize!");
            }
            int i2 = i + 1;
            int i3 = (bArr[i] & 255) << 8;
            int i4 = i2 + 1;
            int i5 = i3 + (bArr[i2] & 255);
            if (i5 == 0) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid public key number!");
            }
            if (bArr.length <= i4 + (i5 * 72)) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid length of ciphertext.");
            }
            int i6 = 0;
            while (i6 < i5) {
                int i7 = i4;
                int i8 = i4 + 1;
                int i9 = i8 + 1;
                if (((bArr[i7] & 255) << 8) + (bArr[i8] & 255) != 70) {
                    throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid size of encrypted public key.");
                }
                byte[] copyOfRange = Arrays.copyOfRange(bArr, i9, i9 + 70);
                i4 = i9 + 70;
                try {
                    bArr2 = kdf(this.privkey.decrypt(copyOfRange));
                    i6++;
                    break;
                } catch (Exception e) {
                    if (i6 == i5 - 1) {
                        throw e;
                    }
                    i6++;
                }
            }
            while (i6 < i5) {
                i4 += 72;
                i6++;
            }
            AesGcmCipherV1 aesGcmCipherV1 = new AesGcmCipherV1(bArr2);
            int i10 = i4;
            int i11 = i4 + 1;
            int i12 = i11 + 1;
            if (((bArr[i10] & 255) << 8) + (bArr[i11] & 255) != bArr.length - i12) {
                throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid length of gmcCipherSize.");
            }
            return aesGcmCipherV1.decrypt(Arrays.copyOfRange(bArr, i12, bArr.length));
        } catch (Exception e2) {
            throw new MychainSdkException(ErrorCode.OTHERS, ExceptionUtils.getStackTrace(e2));
        }
    }

    private byte[] kdf(byte[] bArr) {
        byte[] hash = HashFactory.getHash(this.hashTypeEnum).hash(bArr);
        byte[] copyOfRange = Arrays.copyOfRange(hash, 16, 32);
        byte[] bArr2 = new byte[16];
        for (int i = 0; i < 16; i++) {
            bArr2[i] = (byte) (hash[i] ^ copyOfRange[i]);
        }
        return bArr2;
    }
}
