package org.ofdrw.crypto.enryptor;

import java.nio.charset.StandardCharsets;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.engines.SM4Engine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.PKCS7Padding;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.jcajce.provider.digest.SM3;
import org.jetbrains.annotations.NotNull;
import org.ofdrw.core.crypto.ProtectionCaseID;
import org.ofdrw.core.crypto.encryt.UserInfo;
import org.ofdrw.gm.support.KDF;

/* loaded from: input_file:org/ofdrw/crypto/enryptor/UserPasswordEncryptor.class */
public class UserPasswordEncryptor implements UserFEKEncryptor {
    private String username;
    private String userType;
    private byte[] fKek;

    public UserPasswordEncryptor(@NotNull String str, String str2, @NotNull String str3) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("用户名称(username)为空");
        }
        if (str3 == null || str3.isEmpty()) {
            throw new IllegalArgumentException("加密口令(password)为空");
        }
        this.username = str;
        this.userType = str2;
        this.fKek = extendKey(str3);
    }

    public UserPasswordEncryptor(@NotNull String str, @NotNull String str2) {
        this(str, null, str2);
    }

    private byte[] extendKey(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("加密口令不能为空");
        }
        return KDF.extend(new SM3.Digest(), str.getBytes(StandardCharsets.UTF_8), 16);
    }

    @Override // org.ofdrw.crypto.enryptor.UserFEKEncryptor
    public UserInfo encrypt(byte[] bArr, byte[] bArr2) throws CryptoException {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
        paddedBufferedBlockCipher.init(true, new ParametersWithIV(new KeyParameter(this.fKek), bArr2));
        byte[] bArr3 = new byte[64];
        int processBytes = paddedBufferedBlockCipher.processBytes(bArr, 0, this.fKek.length, bArr3, 0);
        int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr3, processBytes);
        UserInfo userName = new UserInfo().setUserName(this.username);
        if (this.userType != null) {
            userName.setUserType(this.userType);
        }
        byte[] bArr4 = new byte[doFinal];
        System.arraycopy(bArr3, 0, bArr4, 0, doFinal);
        userName.setIVValue(bArr2);
        userName.setEncryptedWK(bArr4);
        return userName;
    }

    @Override // org.ofdrw.crypto.enryptor.UserFEKEncryptor
    public byte[] userCert() {
        return null;
    }

    @Override // org.ofdrw.crypto.enryptor.UserFEKEncryptor
    @NotNull
    public String encryptCaseId() {
        return ProtectionCaseID.EncryptGMPassword.getId();
    }
}
