package com.xdja.pki.gmssl.crypto.sdf;

import com.xdja.pki.gmssl.core.utils.GMSSLByteArrayUtils;
import com.xdja.pki.gmssl.sdf.SdfSDK;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import com.xdja.pki.gmssl.sdf.bean.SdfAlgIdHash;
import com.xdja.pki.gmssl.sdf.bean.SdfRSAPublicKey;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/pki/gmssl/crypto/sdf/SdfRSASigner.class */
public class SdfRSASigner extends SdfSigner {
    private Logger logger;
    private SdfSHAType sdfSHAType;
    private SdfSHADigest sdfSHADigest;
    private SdfRSAKeyParameters keyParameters;
    private byte[] userId;

    public SdfRSASigner(SdfCryptoType sdfCryptoType, ASN1ObjectIdentifier aSN1ObjectIdentifier) throws SdfSDKException {
        this(sdfCryptoType, SdfSHAType.convertSdfSHAType(aSN1ObjectIdentifier));
    }

    public SdfRSASigner(SdfCryptoType sdfCryptoType, String str) throws SdfSDKException {
        this(sdfCryptoType, SdfSHAType.convertSdfSHAType(str));
    }

    public SdfRSASigner(SdfSHAType sdfSHAType) throws SdfSDKException {
        this(SdfCryptoType.YUNHSM, sdfSHAType);
    }

    public SdfRSASigner(SdfCryptoType sdfCryptoType, SdfSHAType sdfSHAType) throws SdfSDKException {
        this(sdfCryptoType.getSdfSDK(), sdfSHAType);
    }

    public SdfRSASigner(SdfSDK sdfSDK, SdfSHAType sdfSHAType) throws SdfSDKException {
        this.logger = LoggerFactory.getLogger(getClass());
        this.sdfSDK = sdfSDK;
        this.sdfSDK.init();
        this.sdfSHAType = sdfSHAType;
        if (sdfSHAType == SdfSHAType.SHA1_WITH_RSA) {
            this.sdfSHADigest = new SdfSHADigest(sdfSDK, SdfAlgIdHash.SGD_SHA1);
        } else {
            if (sdfSHAType != SdfSHAType.SHA256_WITH_RSA) {
                throw new SdfSDKException("暂不支持" + sdfSHAType.getSigAlgName() + "类型");
            }
            this.sdfSHADigest = new SdfSHADigest(sdfSDK, SdfAlgIdHash.SGD_SHA256);
        }
        if ("SGD_SHA256".equalsIgnoreCase(this.sdfSHADigest.getAlgorithmName())) {
            this.userId = Hex.decode("3031300d060960864801650304020105000420");
        } else {
            if (!"SGD_SHA1".equalsIgnoreCase(this.sdfSHADigest.getAlgorithmName())) {
                throw new SdfSDKException("暂不支持" + this.sdfSHADigest.getAlgorithmName() + "类型");
            }
            this.userId = Hex.decode("3021300906052b0e03021a05000414");
        }
    }

    public void init(boolean z, CipherParameters cipherParameters) {
        this.keyParameters = (SdfRSAKeyParameters) cipherParameters;
    }

    public void update(byte b) {
        byte[] bArr = {b};
        update(bArr, 0, bArr.length);
    }

    public void update(byte[] bArr, int i, int i2) {
        this.sdfSHADigest.update(bArr, i, i2);
    }

    public byte[] generateSignature() throws DataLengthException {
        try {
            byte[] bArr = new byte[this.sdfSHADigest.getDigestSize()];
            this.sdfSHADigest.doFinal(bArr, 0);
            byte[] buildByteArryay = GMSSLByteArrayUtils.buildByteArryay(this.userId, bArr);
            GMSSLByteArrayUtils.printHexBinary(this.logger, " sha hash ", buildByteArryay);
            GMSSLByteArrayUtils.printHexBinary(this.logger, "signature " + this.sdfSHAType.getSigAlgName() + " digest", buildByteArryay);
            return this.sdfSDK.internalPrivateKeyOperationRsa(this.keyParameters.getPrivateKeyIndex(), this.keyParameters.getPassword(), buildByteArryay);
        } catch (Exception e) {
            this.logger.error("generateSignature", e);
            return new byte[0];
        }
    }

    public boolean verifySignature(byte[] bArr) {
        try {
            byte[] bArr2 = new byte[this.sdfSHADigest.getDigestSize()];
            this.sdfSHADigest.doFinal(bArr2, 0);
            byte[] buildByteArryay = GMSSLByteArrayUtils.buildByteArryay(this.userId, bArr2);
            GMSSLByteArrayUtils.printHexBinary(this.logger, " sha hash ", bArr2);
            SdfRSAPublicKey sdfRSAPublicKey = SdfRSAPublicKey.getInstance(this.keyParameters.getPublicKey());
            this.logger.info("sdfrsaPublicKey.getBits() {}", Integer.valueOf(sdfRSAPublicKey.getBits()));
            byte[] externalPublicKeyOperationRsa = this.sdfSDK.externalPublicKeyOperationRsa(sdfRSAPublicKey, bArr);
            byte[] bArr3 = new byte[buildByteArryay.length];
            System.arraycopy(externalPublicKeyOperationRsa, externalPublicKeyOperationRsa.length - buildByteArryay.length, bArr3, 0, bArr3.length);
            return GMSSLByteArrayUtils.isEqual(buildByteArryay, bArr3);
        } catch (Exception e) {
            if (bArr != null) {
                GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature signature", bArr);
            }
            this.logger.error("verifySignature", e);
            return false;
        }
    }

    public void reset() {
    }
}
