package org.ofdrw.crypto;

import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.io.FileUtils;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.SM4Engine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.PKCS7Padding;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.dom4j.Element;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.ofdrw.core.crypto.ProtectionCaseID;
import org.ofdrw.core.crypto.encryt.CT_EncryptInfo;
import org.ofdrw.core.crypto.encryt.DecyptSeed;
import org.ofdrw.core.crypto.encryt.EncryptEntries;
import org.ofdrw.core.crypto.encryt.Encryptions;
import org.ofdrw.core.crypto.encryt.ExtendParams;
import org.ofdrw.core.crypto.encryt.Provider;
import org.ofdrw.core.crypto.encryt.UserInfo;
import org.ofdrw.core.signatures.sig.Parameters;
import org.ofdrw.crypto.enryptor.UserFEKEncryptor;
import org.ofdrw.pkg.container.OFDDir;
import org.ofdrw.pkg.tool.ElemCup;
import org.ofdrw.reader.ZipUtil;

/* loaded from: input_file:org/ofdrw/crypto/OFDEncryptor.class */
public class OFDEncryptor implements Closeable {
    private final OFDDir ofdDir;
    private Path dest;
    private Path workDir;
    private boolean closed;
    private SecureRandom random;
    private PaddedBufferedBlockCipher blockCipher;
    private List<UserFEKEncryptor> userEncryptorList;
    private ContainerFileFilter cfFilter;
    private Parameters parameters;

    private OFDEncryptor() {
        this.ofdDir = null;
    }

    public OFDEncryptor(@NotNull Path path, @NotNull Path path2) throws IOException {
        if (path == null || Files.notExists(path, new LinkOption[0])) {
            throw new IllegalArgumentException("文件位置(ofdFile)不正确");
        }
        if (path2 == null) {
            throw new IllegalArgumentException("加密后文件位置(out)为空");
        }
        this.dest = path2;
        this.workDir = Files.createTempDirectory("ofd-tmp-", new FileAttribute[0]);
        ZipUtil.unZipFiles(path.toFile(), this.workDir.toAbsolutePath() + File.separator);
        this.userEncryptorList = new ArrayList(3);
        this.ofdDir = new OFDDir(this.workDir.toAbsolutePath());
        this.random = new SecureRandom();
        this.blockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SM4Engine()), new PKCS7Padding());
    }

    public OFDEncryptor addUser(@NotNull UserFEKEncryptor userFEKEncryptor) {
        if (userFEKEncryptor == null) {
            return this;
        }
        this.userEncryptorList.add(userFEKEncryptor);
        return this;
    }

    public OFDEncryptor setRandom(@NotNull SecureRandom secureRandom) {
        if (secureRandom == null) {
            return this;
        }
        this.random = secureRandom;
        return this;
    }

    public OFDEncryptor setContainerFileFilter(ContainerFileFilter containerFileFilter) {
        if (containerFileFilter == null) {
            return this;
        }
        this.cfFilter = containerFileFilter;
        return this;
    }

    public OFDEncryptor encrypt() throws IOException, CryptoException, GeneralSecurityException {
        if (this.userEncryptorList.isEmpty()) {
            throw new IllegalArgumentException("没有可用加密用户(UserFEKEncryptor)");
        }
        if (!Files.exists(this.dest, new LinkOption[0])) {
            Files.createDirectories(this.dest.getParent(), new FileAttribute[0]);
        }
        Encryptions obtainEncryptions = this.ofdDir.obtainEncryptions();
        String num = Integer.toString(obtainEncryptions.maxID() + 1);
        List<ContainerPath> toBeEncFiles = getToBeEncFiles();
        int blockSize = this.blockCipher.getBlockSize();
        byte[] bArr = new byte[blockSize];
        byte[] bArr2 = new byte[blockSize];
        this.random.nextBytes(bArr);
        this.random.nextBytes(bArr2);
        ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(bArr), bArr2);
        EncryptEntries encryptFiles = encryptFiles(toBeEncFiles, parametersWithIV);
        encryptFiles.setID(num);
        ContainerPath encryptElement = encryptElement(encryptFiles, "entriesmap.dat", parametersWithIV);
        CT_EncryptInfo newEncryptInfo = newEncryptInfo(num);
        obtainEncryptions.addEncryptInfo(newEncryptInfo);
        newEncryptInfo.setEncryptScope("All");
        ContainerPath newDatFile = ContainerPath.newDatFile("decryptseed", this.workDir.toAbsolutePath());
        newEncryptInfo.setDecryptSeedLoc(newDatFile.getPath());
        newEncryptInfo.setEntriesMapLoc(encryptElement.getPath());
        DecyptSeed extendParams = new DecyptSeed().setID(num).setExtendParams(new ExtendParams());
        String str = null;
        for (UserFEKEncryptor userFEKEncryptor : this.userEncryptorList) {
            if (str == null) {
                str = userFEKEncryptor.encryptCaseId();
            }
            UserInfo encrypt = userFEKEncryptor.encrypt(bArr, bArr2);
            if (ProtectionCaseID.EncryptGMCert.getId().equals(userFEKEncryptor.encryptCaseId())) {
                byte[] userCert = userFEKEncryptor.userCert();
                if (userCert == null || userCert.length == 0) {
                    throw new CryptoException("无法获取加密证书");
                }
                encrypt.setUserCert(userCert);
            }
            extendParams.addUserInfo(encrypt);
        }
        ElemCup.dump(extendParams, newDatFile.getAbs());
        this.ofdDir.jar(this.dest);
        return this;
    }

    private CT_EncryptInfo newEncryptInfo(String str) {
        CT_EncryptInfo id = new CT_EncryptInfo().setID(str);
        if (this.parameters != null) {
            id.setParameters(this.parameters);
        }
        Provider provider = new Provider();
        provider.setCompany("ofdrw.org").setProviderName("ofdrw-crypto").setVersion("1.15.6");
        id.setProvider(provider);
        id.setEncryptDate(LocalDateTime.now());
        return id;
    }

    private List<ContainerPath> getToBeEncFiles() throws IOException {
        return (List) Files.walk(this.workDir, new FileVisitOption[0]).filter(path -> {
            return Files.isRegularFile(path, new LinkOption[0]);
        }).map(path2 -> {
            return new ContainerPath(path2.toAbsolutePath().toString().replace(this.workDir.toAbsolutePath().toString(), "").replace("\\", "/"), path2);
        }).filter(containerPath -> {
            if (this.cfFilter == null) {
                return true;
            }
            return this.cfFilter.filter(containerPath.getPath(), containerPath.getAbs());
        }).collect(Collectors.toList());
    }

    private EncryptEntries encryptFiles(List<ContainerPath> list, ParametersWithIV parametersWithIV) throws IOException, InvalidCipherTextException {
        EncryptEntries encryptEntries = new EncryptEntries();
        for (ContainerPath containerPath : list) {
            encryptEntries.addEncryptEntry(containerPath.getPath(), encryptFile(containerPath, parametersWithIV).getPath());
        }
        return encryptEntries;
    }

    private ContainerPath encryptFile(ContainerPath containerPath, CipherParameters cipherParameters) throws IOException, InvalidCipherTextException {
        byte[] bArr = new byte[4096];
        byte[] bArr2 = new byte[4096 + this.blockCipher.getBlockSize()];
        ContainerPath createEncryptedFile = containerPath.createEncryptedFile();
        InputStream newInputStream = Files.newInputStream(containerPath.getAbs(), new OpenOption[0]);
        Throwable th = null;
        try {
            OutputStream newOutputStream = Files.newOutputStream(createEncryptedFile.getAbs(), new OpenOption[0]);
            Throwable th2 = null;
            try {
                try {
                    this.blockCipher.init(true, cipherParameters);
                    while (true) {
                        int read = newInputStream.read(bArr);
                        if (read == -1) {
                            break;
                        }
                        int processBytes = this.blockCipher.processBytes(bArr, 0, read, bArr2, 0);
                        if (processBytes > 0) {
                            newOutputStream.write(bArr2, 0, processBytes);
                        }
                    }
                    newOutputStream.write(bArr2, 0, this.blockCipher.doFinal(bArr2, 0));
                    this.blockCipher.reset();
                    if (newOutputStream != null) {
                        if (0 != 0) {
                            try {
                                newOutputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            newOutputStream.close();
                        }
                    }
                    Files.delete(containerPath.getAbs());
                    return createEncryptedFile;
                } finally {
                }
            } catch (Throwable th4) {
                if (newOutputStream != null) {
                    if (th2 != null) {
                        try {
                            newOutputStream.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        newOutputStream.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (newInputStream != null) {
                if (0 != 0) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    newInputStream.close();
                }
            }
        }
    }

    private ContainerPath encryptElement(Element element, String str, CipherParameters cipherParameters) throws IOException, InvalidCipherTextException {
        if (str.startsWith("/")) {
            str = str.substring(1);
        }
        ContainerPath newDatFile = ContainerPath.newDatFile(str, this.workDir);
        byte[] bArr = new byte[4096];
        byte[] bArr2 = new byte[4096 + this.blockCipher.getBlockSize()];
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(ElemCup.dump(element));
        this.blockCipher.init(true, cipherParameters);
        OutputStream newOutputStream = Files.newOutputStream(newDatFile.getAbs(), new OpenOption[0]);
        Throwable th = null;
        while (true) {
            try {
                try {
                    int read = byteArrayInputStream.read(bArr);
                    if (read == -1) {
                        break;
                    }
                    int processBytes = this.blockCipher.processBytes(bArr, 0, read, bArr2, 0);
                    if (processBytes > 0) {
                        newOutputStream.write(bArr2, 0, processBytes);
                    }
                } finally {
                }
            } catch (Throwable th2) {
                if (newOutputStream != null) {
                    if (th != null) {
                        try {
                            newOutputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        newOutputStream.close();
                    }
                }
                throw th2;
            }
        }
        newOutputStream.write(bArr2, 0, this.blockCipher.doFinal(bArr2, 0));
        this.blockCipher.reset();
        if (newOutputStream != null) {
            if (0 != 0) {
                try {
                    newOutputStream.close();
                } catch (Throwable th4) {
                    th.addSuppressed(th4);
                }
            } else {
                newOutputStream.close();
            }
        }
        return newDatFile;
    }

    @Nullable
    public Parameters getParameters() {
        return this.parameters;
    }

    public OFDEncryptor setParameters(Parameters parameters) {
        this.parameters = parameters;
        return this;
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        if (this.closed) {
            return;
        }
        this.closed = true;
        if (this.workDir == null || !Files.exists(this.workDir, new LinkOption[0])) {
            return;
        }
        try {
            FileUtils.deleteDirectory(this.workDir.toFile());
        } catch (IOException e) {
            throw new IOException("无法删除Reader的工作空间，原因：" + e.getMessage(), e);
        }
    }
}
