package cn.com.syan.jcee.common.impl.key;

import cn.com.syan.jcee.common.impl.CipherException;
import cn.com.syan.jcee.common.impl.SparkCipher;
import cn.com.syan.jcee.common.impl.asn1.SM2BCPrivateKey;
import cn.com.syan.jcee.common.impl.ecc.cipher.SM4SymmetricCipher;
import cn.com.syan.jcee.common.impl.key.struct.EnvelopedRSAKeyBlob;
import cn.com.syan.jcee.common.impl.key.struct.EnvelopedSM2KeyBlob;
import cn.com.syan.jcee.common.impl.utils.CertificateConverter;
import cn.com.syan.jcee.common.impl.utils.PrivateKeyBuilder;
import cn.unitid.spark.cm.sdk.business.Algorithm;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class EncryptionPrivateKeyDecryptor {
    private final String SM2_ALGORITHM = Algorithm.SM2;

    private byte[] decrypt(byte[] bArr, String str, PrivateKey privateKey) throws CipherException {
        try {
            SparkCipher sparkCipher = str.equalsIgnoreCase(Algorithm.SM2) ? SparkCipher.getInstance(Algorithm.SM2) : SparkCipher.getInstance(SparkCipher.RSA_PKCS1PADDING);
            sparkCipher.init(2, privateKey);
            sparkCipher.update(bArr);
            return sparkCipher.doFinal();
        } catch (Exception e) {
            throw new CipherException("解密失败！" + e.getMessage(), e);
        }
    }

    public byte[] decrypt(PrivateKey privateKey, String str, String str2) throws CertificateException, CipherException {
        byte[] decrypt;
        byte[] encryptedData;
        int symmAlgID;
        SM2BCPublicKey sM2BCPublicKey;
        X509Certificate fromBase64 = CertificateConverter.fromBase64(str);
        byte[] decode = Base64.decode(str2);
        String algorithm = fromBase64.getPublicKey().getAlgorithm();
        try {
            if (Algorithm.SM2.equals(algorithm)) {
                EnvelopedSM2KeyBlob envelopedSM2KeyBlob = EnvelopedSM2KeyBlob.getInstance(decode);
                decrypt = decrypt(envelopedSM2KeyBlob.getWrappedKey().getEncoded(), algorithm, privateKey);
                encryptedData = envelopedSM2KeyBlob.getEncryptedPrivateKey();
                symmAlgID = envelopedSM2KeyBlob.getSymmAlgID();
                sM2BCPublicKey = envelopedSM2KeyBlob.getECPublicKey();
            } else {
                EnvelopedRSAKeyBlob envelopedRSAKeyBlob = EnvelopedRSAKeyBlob.getInstance(decode);
                decrypt = decrypt(envelopedRSAKeyBlob.getWrappedKey(), algorithm, privateKey);
                encryptedData = envelopedRSAKeyBlob.getEncryptedData();
                symmAlgID = envelopedRSAKeyBlob.getSymmAlgID();
                sM2BCPublicKey = null;
            }
            try {
                if (symmAlgID == 1025) {
                    SM4SymmetricCipher sM4SymmetricCipher = SM4SymmetricCipher.getInstance(SM4SymmetricCipher.ECB_MODE);
                    sM4SymmetricCipher.init(0, decrypt);
                    sM4SymmetricCipher.update(encryptedData);
                    return Algorithm.SM2.equals(algorithm) ? new SM2BCPrivateKey(PrivateKeyBuilder.buildBCECPrivateKey(sM4SymmetricCipher.doFinal()), PublicKeyBuilder.buildBCECPublicKey(sM2BCPublicKey)).getEncoded() : sM4SymmetricCipher.doFinal();
                }
                throw new Exception("解密加密私钥失败！对称密钥标识ID错误:" + symmAlgID);
            } catch (Exception e) {
                throw new CipherException("解密加密私钥失败！" + e.getMessage(), e);
            }
        } catch (Exception e2) {
            throw new CipherException("解密加密私钥数字信封失败！" + e2.getMessage(), e2);
        }
    }
}
