package com.xdja.pki.gmssl.crypto.utils;

import com.sansec.devicev4.api.ISDSCrypto;
import com.sansec.devicev4.crypto_hsm.sds.CMDCrypto;
import com.sansec.devicev4.gb.struct.key.sm2.SM2refKeyPair;
import com.xdja.SafeKey.Sm2PrivateKey;
import com.xdja.SafeKey.Sm2PublicKey;
import com.xdja.SafeKey.bean.MiniPcieIndexEnum;
import com.xdja.SafeKey.utils.MiniPcieXKFUtils;
import com.xdja.pki.gmssl.core.utils.GMSSLECUtils;
import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.init.GMSSLPkiCryptoInit;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import com.xdja.pki.gmssl.crypto.sdf.SdfECKey;
import com.xdja.pki.gmssl.crypto.sdf.SdfPrivateKey;
import com.xdja.pki.gmssl.crypto.utils.sanc.GMSSLSancConnectionUtils;
import com.xdja.pki.gmssl.crypto.utils.sanc.GMSSLSancConverUtils;
import com.xdja.pki.gmssl.crypto.utils.sanc.GMSSLSancKeyTypeEnum;
import com.xdja.pki.gmssl.sdf.SdfSDK;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import com.xdja.pki.gmssl.sdf.pcie.PcieSdfSDK;
import com.xdja.pki.gmssl.sdf.yunhsm.YunhsmSdfSDKUtils;
import com.xdja.pki.gmssl.x509.utils.bean.GMSSLCryptoType;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.Security;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/gmssl-pki-utils-1.2.0-SNAPSHOT.jar:com/xdja/pki/gmssl/crypto/utils/GMSSLECKeyUtils.class */
public class GMSSLECKeyUtils {
    private static Logger logger;
    public static final String SM2p256;
    public static final String NISTp256;
    public static final String NISTp384;
    public static final String NISTp521;

    public static KeyPair generateECKeyPair(String str) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                return generateECKeyPairBySdf(SdfCryptoType.PCIE, str);
            case XDJA_HSM:
                return generateECKeyPairBySdf(SdfCryptoType.YUNHSM, str);
            case DONGJIN_HSM:
                return generateECKeyPairBySdf(SdfCryptoType.DONGJIN, str);
            case MINI_PCI_E:
                return MiniPcieXKFUtils.generateSm2KeyPair();
            case SANC_HSM:
                return generateECKeyPairBySancHsm(str);
            case BC:
            default:
                return GMSSLECUtils.generateKeyPair(str);
        }
    }

    public static SdfPrivateKey genSdfPrivateKey(int i, String str) {
        return new SdfPrivateKey(i, str);
    }

    public static SdfPrivateKey genSdfPrivateKey(int i) {
        return new SdfPrivateKey(i);
    }

    public static boolean getPrivateKeyAccessRightFromHardware(int i, String str) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.PCIE, i, str);
            case XDJA_HSM:
                return YunhsmSdfSDKUtils.checkPrivateKeyAccess(i, str);
            case DONGJIN_HSM:
                return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.DONGJIN, i, str);
            case MINI_PCI_E:
                return MiniPcieXKFUtils.verifyPin(str.getBytes());
            default:
                throw new Exception("un support the method with the crypto type " + GMSSLPkiCryptoInit.getCryptoType());
        }
    }

    public static PublicKey getPublicKeyFromHardware(int i, String str, boolean z) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                return z ? getEncryptPublicKeyByPcie(i, str) : getSignPublicKeyByPcie(i, str);
            case XDJA_HSM:
                return z ? getEncryptPublicKeyByYunhsm(i, str) : getSignPublicKeyByYunhsm(i, str);
            case DONGJIN_HSM:
                return z ? getEncPublicKeyByDongJinHsm(i, str) : getSignPublicKeyByDongJinHsm(i, str);
            case MINI_PCI_E:
                return z ? MiniPcieXKFUtils.readSm2PublicKey(MiniPcieIndexEnum.getInfoFromIndex(i).getEncPublicKeyIndex()).getPublicKey(str) : MiniPcieXKFUtils.readSm2PublicKey(MiniPcieIndexEnum.getInfoFromIndex(i).getSignPublicKeyIndex()).getPublicKey(str);
            case SANC_HSM:
                ISDSCrypto cryptConnection = GMSSLSancConnectionUtils.getCryptConnection();
                return GMSSLSancConverUtils.converSM2PublicKey(z ? cryptConnection.getSM2PublicKey(i, GMSSLSancKeyTypeEnum.ENCRYPT.getKeyType()) : cryptConnection.getSM2PublicKey(i, GMSSLSancKeyTypeEnum.SIGN.getKeyType()));
            case BC:
            default:
                throw new Exception("un support the method with the crypto type " + GMSSLPkiCryptoInit.getCryptoType());
        }
    }

    public static boolean writeKeyPairToHardWare(int i, String str, KeyPair keyPair, boolean z) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                PcieSdfSDK pcieSdfSDK = new PcieSdfSDK();
                if (z) {
                    try {
                        pcieSdfSDK.importSM2PublicKey(keyPair.getPublic(), i, false);
                        pcieSdfSDK.importSM2PrivateKey(keyPair.getPrivate(), i, str.getBytes(), false);
                        return true;
                    } catch (Exception e) {
                        logger.error("导入SM2加密密钥对失败", (Throwable) e);
                        return false;
                    }
                }
                try {
                    pcieSdfSDK.importSM2PublicKey(keyPair.getPublic(), i, true);
                    pcieSdfSDK.importSM2PrivateKey(keyPair.getPrivate(), i, str.getBytes(), true);
                    return true;
                } catch (Exception e2) {
                    logger.error("导入SM2签名密钥对失败", (Throwable) e2);
                    return false;
                }
            case MINI_PCI_E:
                if (z) {
                    if (MiniPcieXKFUtils.writeSm2PublicKey(MiniPcieIndexEnum.getInfoFromIndex(i).getEncPublicKeyIndex(), str, new Sm2PublicKey(keyPair.getPublic()))) {
                        return MiniPcieXKFUtils.writeSm2PrivateKey(MiniPcieIndexEnum.getInfoFromIndex(i).getEncPrivateIndex(), str, new Sm2PrivateKey(keyPair.getPrivate()));
                    }
                    return false;
                }
                if (MiniPcieXKFUtils.writeSm2PublicKey(MiniPcieIndexEnum.getInfoFromIndex(i).getSignPublicKeyIndex(), str, new Sm2PublicKey(keyPair.getPublic()))) {
                    return MiniPcieXKFUtils.writeSm2PrivateKey(MiniPcieIndexEnum.getInfoFromIndex(i).getSignPrivateIndex(), str, new Sm2PrivateKey(keyPair.getPrivate()));
                }
                return false;
            default:
                throw new Exception("un support writeCertToHardWare  with the crypto " + GMSSLPkiCryptoInit.getCryptoType());
        }
    }

    public static KeyPair generateECKeyPairBySancHsm(String str) throws Exception {
        CMDCrypto cMDCrypto = new CMDCrypto();
        if (!str.equalsIgnoreCase(SM2p256)) {
            return null;
        }
        SM2refKeyPair generateSM2KeyPair = cMDCrypto.generateSM2KeyPair(256);
        return new KeyPair(GMSSLX509Utils.convertSM2PublicKey(generateSM2KeyPair.getPublicKey().getX(), generateSM2KeyPair.getPublicKey().getY()), GMSSLX509Utils.convertSM2PrivateKey(generateSM2KeyPair.getPrivateKey().getD()));
    }

    @Deprecated
    public static KeyPair generateECKeyPairByBC(String str) throws Exception {
        return GMSSLECUtils.generateKeyPair(str);
    }

    public static KeyPair generateECKeyPairBySdf(SdfCryptoType sdfCryptoType, String str) throws Exception {
        if (GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.SANC_HSM) {
            return generateECKeyPair(str);
        }
        sdfCryptoType.getSdfSDK().init();
        return new SdfECKey(sdfCryptoType, str).generateKeyPair();
    }

    public static PublicKey getSignPublicKeyByYunhsm(int i, String str) throws Exception {
        if (GMSSLPkiCryptoInit.getCryptoType() != GMSSLCryptoType.SANC_HSM && GMSSLPkiCryptoInit.getCryptoType() != GMSSLCryptoType.DONGJIN_HSM) {
            SdfECKey sdfECKey = new SdfECKey(SdfCryptoType.YUNHSM, str);
            PublicKey exportSignPublicKey = sdfECKey.exportSignPublicKey(i);
            sdfECKey.release();
            return exportSignPublicKey;
        }
        return getPublicKeyFromHardware(i, str, false);
    }

    public static PublicKey getSignPublicKeyByDongJinHsm(int i, String str) throws Exception {
        SdfECKey sdfECKey = new SdfECKey(SdfCryptoType.DONGJIN, str);
        PublicKey exportSignPublicKey = sdfECKey.exportSignPublicKey(i);
        sdfECKey.release();
        return exportSignPublicKey;
    }

    public static PublicKey getEncPublicKeyByDongJinHsm(int i, String str) throws Exception {
        SdfECKey sdfECKey = new SdfECKey(SdfCryptoType.DONGJIN, str);
        PublicKey exportEncryptPublicKey = sdfECKey.exportEncryptPublicKey(i);
        sdfECKey.release();
        return exportEncryptPublicKey;
    }

    public static PublicKey getSignPublicKeyByPcie(int i, String str) throws SdfSDKException {
        SdfECKey sdfECKey = new SdfECKey(SdfCryptoType.PCIE, str);
        PublicKey exportSignPublicKey = sdfECKey.exportSignPublicKey(i);
        sdfECKey.release();
        return exportSignPublicKey;
    }

    public static PublicKey getEncryptPublicKeyByYunhsm(int i, String str) throws Exception {
        if (GMSSLPkiCryptoInit.getCryptoType() != GMSSLCryptoType.SANC_HSM && GMSSLPkiCryptoInit.getCryptoType() != GMSSLCryptoType.DONGJIN_HSM) {
            SdfECKey sdfECKey = new SdfECKey(SdfCryptoType.YUNHSM, str);
            PublicKey exportEncryptPublicKey = sdfECKey.exportEncryptPublicKey(i);
            sdfECKey.release();
            return exportEncryptPublicKey;
        }
        return getPublicKeyFromHardware(i, str, true);
    }

    public static PublicKey getEncryptPublicKeyByPcie(int i, String str) throws SdfSDKException {
        SdfECKey sdfECKey = new SdfECKey(SdfCryptoType.PCIE, str);
        PublicKey exportEncryptPublicKey = sdfECKey.exportEncryptPublicKey(i);
        sdfECKey.release();
        return exportEncryptPublicKey;
    }

    public static boolean getPrivateKeyAccessRightFromYunHsm(int i, String str) {
        return GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.DONGJIN_HSM ? checkPrivateKeyAccessRightFromSdf(SdfCryptoType.DONGJIN, i, str) : YunhsmSdfSDKUtils.checkPrivateKeyAccess(i, str);
    }

    @Deprecated
    public static boolean checkPrivateKeyAccessRightFromYunHsm(int i, String str) {
        return GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.DONGJIN_HSM ? checkPrivateKeyAccessRightFromSdf(SdfCryptoType.DONGJIN, i, str) : YunhsmSdfSDKUtils.checkPrivateKeyAccess(i, str);
    }

    @Deprecated
    public static boolean checkPrivateKeyAccessRightFromPCIE(int i, String str) {
        return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.PCIE, i, str);
    }

    public static boolean checkPrivateKeyAccessRightFromSdf(SdfCryptoType sdfCryptoType, int i, String str) {
        try {
            if (GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.DONGJIN_HSM) {
                sdfCryptoType = SdfCryptoType.DONGJIN;
            }
            SdfSDK sdfSDK = sdfCryptoType.getSdfSDK();
            sdfSDK.init();
            boolean checkPrivateKeyAccessRight = sdfSDK.checkPrivateKeyAccessRight(i, str.getBytes());
            sdfSDK.release();
            return checkPrivateKeyAccessRight;
        } catch (SdfSDKException e) {
            return false;
        }
    }

    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        logger = LoggerFactory.getLogger((Class<?>) GMSSLECKeyUtils.class);
        SM2p256 = GMNamedCurves.getName(GMObjectIdentifiers.sm2p256v1);
        NISTp256 = NISTNamedCurves.getName(SECObjectIdentifiers.secp256r1);
        NISTp384 = NISTNamedCurves.getName(SECObjectIdentifiers.secp384r1);
        NISTp521 = NISTNamedCurves.getName(SECObjectIdentifiers.secp521r1);
    }
}
