package org.opoo.ootp.codec.encryption.smx;

import com.emc.codec.AbstractCodec;
import com.emc.codec.EncodeInputStream;
import com.emc.codec.EncodeListener;
import com.emc.codec.EncodeMetadata;
import com.emc.codec.EncodeOutputStream;
import com.emc.codec.EncodeStream;
import com.emc.codec.util.CodecUtil;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.opoo.ootp.codec.Codec;
import org.opoo.ootp.codec.encryption.EncryptionException;
import org.opoo.ootp.codec.encryption.EncryptionUtils;
import org.opoo.ootp.codec.encryption.PrivateKeyProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opoo/ootp/codec/encryption/smx/SMXEncryptionCodec.class */
public class SMXEncryptionCodec extends AbstractCodec<SMXEncryptionMetadata> {
    private static final Logger log = LoggerFactory.getLogger(SMXEncryptionCodec.class);
    public static final int PRIORITY = 1000;
    public static final String SM4_CBC_PKCS5_CIPHER = "SM4/CBC/PKCS5Padding";
    public static final String ECB_INDICATOR = "/ECB/";
    public static final String PROP_PUBLIC_KEY = "org.opoo.ootp.codec.encryption.smx.SMXEncryptionCodec.publicKey";
    public static final String PROP_PRIVATE_KEY_PROVIDER = "org.opoo.ootp.codec.encryption.smx.SMXEncryptionCodec.privateKeyProvider";

    /* loaded from: input_file:org/opoo/ootp/codec/encryption/smx/SMXEncryptionCodec$SigningEncodeMetadataListener.class */
    protected static class SigningEncodeMetadataListener implements EncodeListener<SMXEncryptionMetadata> {
        private final PublicKey publicKey;

        public SigningEncodeMetadataListener(PublicKey publicKey) {
            this.publicKey = publicKey;
        }

        public void encodeComplete(EncodeStream<SMXEncryptionMetadata> encodeStream) {
            ((SMXEncryptionMetadata) encodeStream.getEncodeMetadata()).setKeyId(EncryptionUtils.getKeyFingerprint(this.publicKey));
        }
    }

    public boolean canProcess(String str) {
        if (SMXEncryptionConstants.ENCRYPTION_TYPE.equals(CodecUtil.getEncodeType(str))) {
            return EncryptionUtils.getCipherSpec(str).toUpperCase().startsWith("SM4/");
        }
        return false;
    }

    public String getDefaultEncodeSpec() {
        return CodecUtil.getEncodeSpec(SMXEncryptionConstants.ENCRYPTION_TYPE, "SM4/CBC/PKCS5Padding");
    }

    public int getPriority() {
        return PRIORITY;
    }

    public SMXEncryptionMetadata createEncodeMetadata(String str, Map<String, String> map) {
        return new SMXEncryptionMetadata(str, map);
    }

    public long getDecodedSize(SMXEncryptionMetadata sMXEncryptionMetadata) {
        return sMXEncryptionMetadata.getOriginalSize();
    }

    public OutputStream getDecodingStream(OutputStream outputStream, SMXEncryptionMetadata sMXEncryptionMetadata, Map<String, Object> map) {
        return new CipherOutputStream(outputStream, createDecryptCipher(sMXEncryptionMetadata, map));
    }

    public InputStream getDecodingStream(InputStream inputStream, SMXEncryptionMetadata sMXEncryptionMetadata, Map<String, Object> map) {
        return new CipherInputStream(inputStream, createDecryptCipher(sMXEncryptionMetadata, map));
    }

    protected Cipher createDecryptCipher(SMXEncryptionMetadata sMXEncryptionMetadata, Map<String, Object> map) {
        String cipherSpec = EncryptionUtils.getCipherSpec(sMXEncryptionMetadata.getEncodeSpec());
        log.debug("从上下文获取当前用于解密的密钥仓库");
        PrivateKeyProvider privateKeyProvider = (PrivateKeyProvider) Codec.getContextProperty(map, PROP_PRIVATE_KEY_PROVIDER, () -> {
            return new EncryptionException("无法解密，当前解密过程缺少密钥仓库");
        });
        String keyId = sMXEncryptionMetadata.getKeyId();
        log.debug("根据指纹查询曾经用于加密的公钥对应的私钥：{}", keyId);
        PrivateKey key = privateKeyProvider.getKey(keyId);
        if (key == null) {
            throw new EncryptionException(String.format("无法解密，缺少对应的私钥，ID: %s", sMXEncryptionMetadata.getKeyId()));
        }
        String encryptedKey = sMXEncryptionMetadata.getEncryptedKey();
        byte[] initVector = sMXEncryptionMetadata.getInitVector();
        return EncryptionUtils.initCipher(cipherSpec, 2, EncryptionUtils.decryptKey(encryptedKey, EncryptionUtils.getBaseAlgorithm(cipherSpec), key), initVector != null ? new IvParameterSpec(initVector) : null);
    }

    public boolean isSizePredictable() {
        return false;
    }

    public long getEncodedSize(long j, String str, Map<String, Object> map) {
        throw new UnsupportedOperationException("sm4 encoded size is unpredictable");
    }

    public EncodeOutputStream<SMXEncryptionMetadata> getEncodingStream(OutputStream outputStream, String str, Map<String, Object> map) {
        String cipherSpec = EncryptionUtils.getCipherSpec(str);
        SecretKey generateKey = EncryptionUtils.generateKey(cipherSpec);
        Cipher initCipher = EncryptionUtils.initCipher(cipherSpec, 1, generateKey, null);
        PublicKey publicKey = (PublicKey) Codec.getContextProperty(map, PROP_PUBLIC_KEY, () -> {
            return new EncryptionException("无法加密，缺少公钥");
        });
        SMXEncryptionOutputStream sMXEncryptionOutputStream = new SMXEncryptionOutputStream(outputStream, str, initCipher, EncryptionUtils.encryptKey(generateKey, publicKey));
        sMXEncryptionOutputStream.addListener(new SigningEncodeMetadataListener(publicKey));
        return sMXEncryptionOutputStream;
    }

    public EncodeInputStream<SMXEncryptionMetadata> getEncodingStream(InputStream inputStream, String str, Map<String, Object> map) {
        String cipherSpec = EncryptionUtils.getCipherSpec(str);
        SecretKey generateKey = EncryptionUtils.generateKey(cipherSpec);
        Cipher initCipher = EncryptionUtils.initCipher(cipherSpec, 1, generateKey, null);
        PublicKey publicKey = (PublicKey) Codec.getContextProperty(map, PROP_PUBLIC_KEY, () -> {
            return new EncryptionException("无法加密，缺少公钥");
        });
        SMXEncryptionInputStream sMXEncryptionInputStream = new SMXEncryptionInputStream(inputStream, str, initCipher, EncryptionUtils.encryptKey(generateKey, publicKey));
        sMXEncryptionInputStream.addListener(new SigningEncodeMetadataListener(publicKey));
        return sMXEncryptionInputStream;
    }

    public /* bridge */ /* synthetic */ InputStream getDecodingStream(InputStream inputStream, EncodeMetadata encodeMetadata, Map map) {
        return getDecodingStream(inputStream, (SMXEncryptionMetadata) encodeMetadata, (Map<String, Object>) map);
    }

    public /* bridge */ /* synthetic */ OutputStream getDecodingStream(OutputStream outputStream, EncodeMetadata encodeMetadata, Map map) {
        return getDecodingStream(outputStream, (SMXEncryptionMetadata) encodeMetadata, (Map<String, Object>) map);
    }

    /* renamed from: createEncodeMetadata, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ EncodeMetadata m14createEncodeMetadata(String str, Map map) {
        return createEncodeMetadata(str, (Map<String, String>) map);
    }
}
