package com.xdja.pki.ra.core.util.cert;

import com.xdja.cssp.sm2cipher.sm2.cipher.ConvertUtil;
import com.xdja.cssp.sm2cipher.sm2.cipher.SM2CipherImpl;
import com.xdja.pki.ra.core.commonenum.SignAlgEnum;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.util.encoders.Base64;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/ra-core-2.0.1-20211108.054000-15.jar:com/xdja/pki/ra/core/util/cert/SignUtils.class
 */
/* loaded from: input_file:WEB-INF/lib/ra-core-2.0.1-SNAPSHOT.jar:com/xdja/pki/ra/core/util/cert/SignUtils.class */
public class SignUtils {
    public static boolean verifySignByKey(int i, PublicKey publicKey, byte[] bArr, byte[] bArr2) {
        try {
            return SignAlgEnum.SHA1WithRSA.value == i ? rsaVerifySignByKey(publicKey, bArr, bArr2) : sm2VerifySignByKey(publicKey, bArr, bArr2);
        } catch (Exception e) {
            return false;
        }
    }

    public static byte[] signByKey(int i, PrivateKey privateKey, byte[] bArr) {
        try {
            return SignAlgEnum.SHA1WithRSA.value == i ? rsaSign(privateKey, bArr) : sm2Sign(privateKey, bArr);
        } catch (Exception e) {
            return null;
        }
    }

    public static byte[] signByKey(int i, String str, byte[] bArr) {
        try {
            if (SignAlgEnum.SHA1WithRSA.value == i) {
                throw new IllegalArgumentException("unsupport sign alg SHA-1WITHRSA");
            }
            return sm2SignByKeyData(str, bArr);
        } catch (Exception e) {
            return null;
        }
    }

    public static boolean verifySignByKeyData(int i, String str, byte[] bArr, byte[] bArr2) {
        try {
            return SignAlgEnum.SHA1WithRSA.value == i ? rsaVerifySignByKeyData(str, bArr, bArr2) : sm2VerifySignByKeyData(str, bArr, bArr2);
        } catch (Exception e) {
            return false;
        }
    }

    private static boolean rsaVerifySignByKey(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, publicKey);
        cipher.update(bArr2);
        byte[] doFinal = cipher.doFinal();
        byte[] digest = MessageDigest.getInstance("SHA-1").digest(bArr);
        for (int i = 0; i < doFinal.length; i++) {
            if (doFinal[i] != digest[i]) {
                return false;
            }
        }
        return true;
    }

    private static boolean rsaVerifySignByKeyData(String str, byte[] bArr, byte[] bArr2) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, getPublickKey(str));
        cipher.update(bArr2);
        byte[] doFinal = cipher.doFinal();
        byte[] digest = MessageDigest.getInstance("SHA-1").digest(bArr);
        for (int i = 0; i < doFinal.length; i++) {
            if (doFinal[i] != digest[i]) {
                return false;
            }
        }
        return true;
    }

    private static boolean sm2VerifySignByKey(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
        if (publicKey == null || bArr == null || bArr2 == null || bArr.length <= 0 || bArr2.length <= 0) {
            throw new IllegalArgumentException("param error: publicKey,sign,original can not be null");
        }
        return new SM2CipherImpl().verify((ECPublicKey) publicKey, bArr2, bArr);
    }

    private static boolean sm2VerifySignByKeyData(String str, byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
        if (StringUtils.isBlank(str) || bArr == null || bArr2 == null || bArr.length <= 0 || bArr2.length <= 0) {
            throw new IllegalArgumentException("param error: publicKey,sign,original can not be null");
        }
        SM2CipherImpl sM2CipherImpl = new SM2CipherImpl();
        byte[] bArr3 = new byte[32];
        byte[] bArr4 = new byte[32];
        System.arraycopy(bArr2, 0, bArr3, 0, 32);
        System.arraycopy(bArr2, 32, bArr4, 0, 32);
        return sM2CipherImpl.verify(str, new BigInteger[]{new BigInteger(1, bArr3), new BigInteger(1, bArr4)}, bArr);
    }

    private static PublicKey getPublickKey(String str) throws Exception {
        return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, Base64.decode(str.getBytes())), new BigInteger("65537", 10)));
    }

    private static byte[] sm2Sign(PrivateKey privateKey, byte[] bArr) throws IllegalArgumentException {
        if (privateKey == null || bArr == null || bArr.length <= 0) {
            throw new IllegalArgumentException("param error: privateKey,original can not be null");
        }
        return new SM2CipherImpl().sign((ECPrivateKey) privateKey, bArr);
    }

    private static byte[] sm2SignByKeyData(String str, byte[] bArr) throws IllegalArgumentException {
        if (str == null || bArr == null || bArr.length <= 0) {
            throw new IllegalArgumentException("param error: privateKey,original can not be null");
        }
        byte[] bArr2 = new byte[64];
        BigInteger[] sign = new SM2CipherImpl().sign(str, bArr);
        byte[] hexStringToBytes = ConvertUtil.hexStringToBytes(sign[0].toString(16));
        System.arraycopy(hexStringToBytes, 0, bArr2, 32 - hexStringToBytes.length, hexStringToBytes.length);
        byte[] hexStringToBytes2 = ConvertUtil.hexStringToBytes(sign[1].toString(16));
        System.arraycopy(hexStringToBytes2, 0, bArr2, 64 - hexStringToBytes2.length, hexStringToBytes2.length);
        return bArr2;
    }

    private static byte[] rsaSign(PrivateKey privateKey, byte[] bArr) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(bArr);
        byte[] digest = messageDigest.digest();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, privateKey);
        return cipher.doFinal(digest);
    }
}
