package com.xdja.pki.gmssl.crypto.sdf;

import com.xdja.pki.gmssl.core.utils.GMSSLByteArrayUtils;
import com.xdja.pki.gmssl.sdf.SdfSDK;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import com.xdja.pki.gmssl.sdf.bean.SdfECCSignature;
import java.io.IOException;
import java.math.BigInteger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.Signer;
import org.bouncycastle.math.ec.ECConstants;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.BigIntegers;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/pki/gmssl/crypto/sdf/SdfSM2Signer.class */
public class SdfSM2Signer implements Signer, ECConstants {
    private Logger logger;
    private SdfSDK sdfSDK;
    private SdfSM3Digest digest;
    private SdfECKeyParameters ecKey;

    public SdfSM2Signer() throws SdfSDKException {
        this(SdfCryptoType.YUNHSM);
    }

    public SdfSM2Signer(SdfCryptoType sdfCryptoType) throws SdfSDKException {
        this(sdfCryptoType.getSdfSDK());
    }

    public SdfSM2Signer(SdfSDK sdfSDK) throws SdfSDKException {
        this.logger = LoggerFactory.getLogger(getClass());
        this.sdfSDK = sdfSDK;
        this.sdfSDK.init();
    }

    public void init(boolean z, CipherParameters cipherParameters) {
        this.ecKey = (SdfECKeyParameters) cipherParameters;
        try {
            this.digest = new SdfSM3Digest(this.sdfSDK, GMSSLByteArrayUtils.hexDecode("31323334353637383132333435363738"), z ? this.sdfSDK.exportSignPublicKeyEcc(this.ecKey.getSm2Index()) : this.ecKey.getSDFECCPublicKey());
        } catch (SdfSDKException e) {
            this.logger.error("init", e);
        }
    }

    public void update(byte b) {
        byte[] bArr = {b};
        update(bArr, 0, bArr.length);
    }

    public void update(byte[] bArr, int i, int i2) {
        this.digest.update(bArr, i, i2);
    }

    public byte[] generateSignature() throws CryptoException, DataLengthException {
        byte[] bArr = new byte[this.digest.getDigestSize()];
        this.digest.doFinal(bArr, 0);
        GMSSLByteArrayUtils.printHexBinary(this.logger, "signature sm3 digest", bArr);
        try {
            this.sdfSDK.getPrivateKeyAccessRight(this.ecKey.getSm2Index(), this.ecKey.getPassword());
            SdfECCSignature internalSignECC = this.sdfSDK.internalSignECC(this.ecKey.getSm2Index(), this.ecKey.getPassword(), bArr);
            this.sdfSDK.releasePrivateKeyAccessRight(this.ecKey.getSm2Index());
            return derEncode(internalSignECC.getR(), internalSignECC.getS());
        } catch (SdfSDKException | IOException e) {
            this.logger.error("generateSignature", e);
            return new byte[0];
        }
    }

    public boolean verifySignature(byte[] bArr) {
        try {
            byte[] bArr2 = new byte[this.digest.getDigestSize()];
            this.digest.doFinal(bArr2, 0);
            GMSSLByteArrayUtils.printHexBinary(this.logger, "signature sm3 digest", bArr2);
            BigInteger[] derDecode = derDecode(bArr);
            byte[] filterByteArrayZeroInHead = GMSSLByteArrayUtils.filterByteArrayZeroInHead(derDecode[0].toByteArray());
            GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature R", filterByteArrayZeroInHead);
            byte[] filterByteArrayZeroInHead2 = GMSSLByteArrayUtils.filterByteArrayZeroInHead(derDecode[1].toByteArray());
            GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature S", filterByteArrayZeroInHead2);
            this.sdfSDK.externalVerifyECC(this.ecKey.getSDFECCPublicKey(), bArr2, new SdfECCSignature(filterByteArrayZeroInHead, filterByteArrayZeroInHead2));
            return true;
        } catch (IOException | SdfSDKException e) {
            this.logger.error("verifySignature", e);
            return false;
        }
    }

    public void reset() {
    }

    protected BigInteger[] derDecode(byte[] bArr) throws IOException {
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(bArr));
        if (aSN1Sequence.size() != 2) {
            return null;
        }
        BigInteger value = ASN1Integer.getInstance(aSN1Sequence.getObjectAt(0)).getValue();
        BigInteger value2 = ASN1Integer.getInstance(aSN1Sequence.getObjectAt(1)).getValue();
        if (Arrays.constantTimeAreEqual(derEncode(value, value2), bArr)) {
            return new BigInteger[]{value, value2};
        }
        return null;
    }

    protected byte[] derEncode(byte[] bArr, byte[] bArr2) throws IOException {
        return derEncode(BigIntegers.fromUnsignedByteArray(bArr), BigIntegers.fromUnsignedByteArray(bArr2));
    }

    protected byte[] derEncode(BigInteger bigInteger, BigInteger bigInteger2) throws IOException {
        GMSSLByteArrayUtils.printHexBinary(this.logger, "r", bigInteger.toByteArray());
        GMSSLByteArrayUtils.printHexBinary(this.logger, "s", bigInteger2.toByteArray());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(bigInteger));
        aSN1EncodableVector.add(new ASN1Integer(bigInteger2));
        return new DERSequence(aSN1EncodableVector).getEncoded("DER");
    }

    public void release() throws SdfSDKException {
        if (this.sdfSDK != null) {
            this.sdfSDK.release();
        }
    }
}
