package com.xdja.pki.oer.gbt.asn1.utils;

import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.oer.core.ByteArrayUtils;
import com.xdja.pki.oer.core.calculate.CalculateFactory;
import com.xdja.pki.oer.core.calculate.CalculateService;
import com.xdja.pki.oer.gbt.asn1.Certificate;
import com.xdja.pki.oer.gbt.asn1.PublicVerifyKey;
import com.xdja.pki.oer.gbt.asn1.SecuredMessage;
import com.xdja.pki.oer.gbt.asn1.SignedData;
import com.xdja.pki.oer.gbt.asn1.utils.bean.OERCertificate;
import java.security.PublicKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.math.ec.custom.gm.SM2P256V1Curve;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:com/xdja/pki/oer/gbt/asn1/utils/OERUtils.class */
public class OERUtils {
    private static CalculateService calculateService = CalculateFactory.getInstance();

    public static boolean checkPublicKey(String str) {
        try {
            getPublicKeyFromStr(str);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public static PublicKey getPublicKeyFromStr(String str) throws Exception {
        return GMSSLX509Utils.convertSM2PublicKey(Hex.decode(str.substring(0, 64)), Hex.decode(str.substring(64)));
    }

    public static boolean verifyOerSignature(byte[] bArr, byte[] bArr2) throws Exception {
        OERCertificate build = CertificateHolder.build(bArr2);
        return build.getSignPublicKey().getParameters().getCurve() instanceof SM2P256V1Curve ? verifySM2(bArr, bArr2, build.getSignPublicKey()) : verifyECDSA(bArr, bArr2, build.getSignPublicKey());
    }

    public static boolean verifySecuredMessageSignatureByCert(Certificate certificate, SecuredMessage securedMessage) throws Exception {
        byte[] sha256Hash;
        byte[] sha256Hash2;
        SignedData signedData = securedMessage.getPayload().getSignedData();
        byte[] encode = signedData.getTbs().getEncode();
        PublicVerifyKey verifyKey = certificate.getTbsCert().getSubjectAttribute().getVerifyKey();
        if (EccPointHolder.build(verifyKey.getEccPoint().getEncode(), verifyKey.getEccCurve()).getPublicKey().getParameters().getCurve() instanceof SM2P256V1Curve) {
            sha256Hash = calculateService.sm3Hash(encode);
            sha256Hash2 = calculateService.sm3Hash(certificate.getEncode());
        } else {
            sha256Hash = calculateService.sha256Hash(encode);
            sha256Hash2 = calculateService.sha256Hash(certificate.getEncode());
        }
        return SignatureVerify.verify(CertificateHolder.build(certificate.getEncode()).getSignPublicKey(), ByteArrayUtils.buildUpByte(sha256Hash, sha256Hash2), signedData.getSign());
    }

    public static boolean verifySecuredMessageSignatureBySelf(PublicKey publicKey, SecuredMessage securedMessage) throws Exception {
        byte[] sha256Hash;
        byte[] sha256Hash2;
        SignedData signedData = securedMessage.getPayload().getSignedData();
        byte[] encode = signedData.getTbs().getEncode();
        if (((BCECPublicKey) publicKey).getParameters().getCurve() instanceof SM2P256V1Curve) {
            sha256Hash = calculateService.sm3Hash(encode);
            sha256Hash2 = calculateService.sm3Hash("".getBytes());
        } else {
            sha256Hash = calculateService.sha256Hash(encode);
            sha256Hash2 = calculateService.sha256Hash("".getBytes());
        }
        return SignatureVerify.verify(publicKey, ByteArrayUtils.buildUpByte(sha256Hash, sha256Hash2), signedData.getSign());
    }

    private static boolean verifySM2(byte[] bArr, byte[] bArr2, PublicKey publicKey) throws Exception {
        byte[] sm3Hash = calculateService.sm3Hash(Certificate.getInstance(bArr).getTbsCert().getEncode());
        return isEqual(bArr, bArr2) ? SignatureVerify.verify(publicKey, ByteArrayUtils.buildUpByte(sm3Hash, calculateService.sm3Hash("".getBytes())), Certificate.getInstance(bArr).getSignature()) : SignatureVerify.verify(publicKey, ByteArrayUtils.buildUpByte(sm3Hash, calculateService.sm3Hash(bArr2)), Certificate.getInstance(bArr).getSignature());
    }

    private static boolean verifyECDSA(byte[] bArr, byte[] bArr2, PublicKey publicKey) throws Exception {
        byte[] sha256Hash = calculateService.sha256Hash(Certificate.getInstance(bArr).getTbsCert().getEncode());
        return isEqual(bArr, bArr2) ? SignatureVerify.verify(publicKey, ByteArrayUtils.buildUpByte(sha256Hash, calculateService.sha256Hash("".getBytes())), Certificate.getInstance(bArr).getSignature()) : SignatureVerify.verify(publicKey, ByteArrayUtils.buildUpByte(sha256Hash, calculateService.sha256Hash(bArr2)), Certificate.getInstance(bArr).getSignature());
    }

    public static boolean isEqual(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        boolean z = true;
        boolean z2 = true;
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                z = false;
            }
        }
        if (!z) {
            for (int i2 = 0; i2 < bArr.length; i2++) {
                if (bArr[i2] != bArr2[(bArr.length - 1) - i2]) {
                    z2 = false;
                }
            }
        }
        return z || z2;
    }
}
