package com.xdja.pki.gmssl.crypto.sdf;

import com.xdja.pki.gmssl.core.utils.GMSSLByteArrayUtils;
import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.sdf.SdfSDK;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import com.xdja.pki.gmssl.sdf.bean.SdfAlgIdAsymmetric;
import com.xdja.pki.gmssl.sdf.bean.SdfECCPublicKey;
import com.xdja.pki.gmssl.sdf.bean.SdfECCSignature;
import java.io.IOException;
import java.math.BigInteger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.ExtendedDigest;
import org.bouncycastle.crypto.params.ParametersWithID;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.BigIntegers;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/pki/gmssl/crypto/sdf/SdfECBaseSigner.class */
public abstract class SdfECBaseSigner extends SdfSigner {
    protected Logger logger;
    protected ExtendedDigest digest;
    protected SdfECKeyParameters ecKey;
    protected String signAlgName;
    protected int bits;

    public SdfECBaseSigner() throws SdfSDKException {
        this(SdfCryptoType.YUNHSM);
    }

    public SdfECBaseSigner(SdfCryptoType sdfCryptoType) throws SdfSDKException {
        this(sdfCryptoType.getSdfSDK());
    }

    public SdfECBaseSigner(SdfSDK sdfSDK) throws SdfSDKException {
        this.logger = LoggerFactory.getLogger(getClass());
        this.signAlgName = Constants.SM3_WITH_SM2;
        this.bits = Constants.KEY_BITS_256;
        this.sdfSDK = sdfSDK;
        this.sdfSDK.init();
    }

    public SdfECBaseSigner(SdfSDK sdfSDK, String str) throws SdfSDKException {
        this.logger = LoggerFactory.getLogger(getClass());
        this.signAlgName = Constants.SM3_WITH_SM2;
        this.bits = Constants.KEY_BITS_256;
        this.sdfSDK = sdfSDK;
        this.signAlgName = str;
        this.sdfSDK.init();
    }

    public void init(boolean z, CipherParameters cipherParameters) {
        byte[] decode;
        try {
            if (cipherParameters instanceof ParametersWithID) {
                this.ecKey = ((ParametersWithID) cipherParameters).getParameters();
                decode = ((ParametersWithID) cipherParameters).getID();
            } else {
                this.ecKey = (SdfECKeyParameters) cipherParameters;
                decode = Hex.decode("31323334353637383132333435363738");
            }
            String str = this.signAlgName;
            boolean z2 = -1;
            switch (str.hashCode()) {
                case -840266709:
                    if (str.equals(Constants.SHA384_WITH_ECDSA)) {
                        z2 = 3;
                        break;
                    }
                    break;
                case -495316636:
                    if (str.equals(Constants.SHA512_WITH_ECDSA)) {
                        z2 = 4;
                        break;
                    }
                    break;
                case -346202199:
                    if (str.equals(Constants.SHA1_WITH_ECDSA)) {
                        z2 = true;
                        break;
                    }
                    break;
                case -266489657:
                    if (str.equals(Constants.SHA256_WITH_ECDSA)) {
                        z2 = 2;
                        break;
                    }
                    break;
                case -103638183:
                    if (str.equals(Constants.SM3_WITH_SM2)) {
                        z2 = false;
                        break;
                    }
                    break;
            }
            switch (z2) {
                case Constants.SDF_SM2_USED_BC_SM3 /* 0 */:
                    initDigest(decode, z ? this.sdfSDK.exportSignPublicKeyEcc(this.ecKey.getEcIndex()) : this.ecKey.getSDFECCPublicKey());
                    break;
                case true:
                case true:
                case true:
                case true:
                    initDigest(this.signAlgName);
                    break;
                default:
                    this.logger.error("init error  un support sign alg name {}", this.signAlgName);
                    break;
            }
        } catch (SdfSDKException e) {
            this.logger.error("init", e);
        }
    }

    public abstract void initDigest(byte[] bArr, SdfECCPublicKey sdfECCPublicKey) throws SdfSDKException;

    public abstract void initDigest(String str) throws SdfSDKException;

    public void update(byte b) {
        byte[] bArr = {b};
        update(bArr, 0, bArr.length);
    }

    public void update(byte[] bArr, int i, int i2) {
        this.digest.update(bArr, i, i2);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:4:0x001c. Please report as an issue. */
    public byte[] generateSignature() throws CryptoException, DataLengthException {
        SdfECCSignature internalSignECCEx;
        byte[] bArr = new byte[this.digest.getDigestSize()];
        try {
            this.digest.doFinal(bArr, 0);
            switch (this.bits) {
                case Constants.KEY_BITS_256 /* 256 */:
                    bArr = GMSSLByteArrayUtils.fillByteArrayWithZeroInHead(bArr, 32);
                    internalSignECCEx = this.sdfSDK.internalSignECC(this.ecKey.getEcIndex(), this.ecKey.getPassword(), bArr);
                    return derEncode(internalSignECCEx.getR(), internalSignECCEx.getS());
                case Constants.KEY_BITS_384 /* 384 */:
                case Constants.KEY_BITS_521 /* 521 */:
                    internalSignECCEx = this.sdfSDK.internalSignECCEx(this.ecKey.getEcIndex(), this.ecKey.getPassword(), bArr, this.bits);
                    return derEncode(internalSignECCEx.getR(), internalSignECCEx.getS());
                default:
                    return null;
            }
        } catch (SdfSDKException | IOException e) {
            GMSSLByteArrayUtils.printHexBinary(this.logger, "signature  digest", bArr);
            this.logger.error("generateSignature error index={} password={}", new Object[]{Integer.valueOf(this.ecKey.getEcIndex()), new String(this.ecKey.getPassword()), e});
            throw new CryptoException("sdf ec sign error", e);
        }
    }

    public boolean verifySignature(byte[] bArr) {
        byte[] bArr2 = new byte[this.digest.getDigestSize()];
        try {
            this.digest.doFinal(bArr2, 0);
            BigInteger[] derSignatureDecode = GMSSLX509Utils.derSignatureDecode(bArr);
            SdfECCSignature sdfECCSignature = new SdfECCSignature(GMSSLByteArrayUtils.filterByteArrayZeroInHead(derSignatureDecode[0].toByteArray()), GMSSLByteArrayUtils.filterByteArrayZeroInHead(derSignatureDecode[1].toByteArray()));
            switch (this.bits) {
                case Constants.KEY_BITS_256 /* 256 */:
                    byte[] fillByteArrayWithZeroInHead = GMSSLByteArrayUtils.fillByteArrayWithZeroInHead(bArr2, 32);
                    if (null == this.signAlgName) {
                        this.sdfSDK.externalVerifyECC(this.ecKey.getSDFECCPublicKey(), fillByteArrayWithZeroInHead, sdfECCSignature);
                        return true;
                    }
                    this.sdfSDK.externalVerifyECC(this.ecKey.getSDFECCPublicKey(), fillByteArrayWithZeroInHead, sdfECCSignature, this.signAlgName);
                    return true;
                case Constants.KEY_BITS_384 /* 384 */:
                    this.sdfSDK.externalVerifyECCEx(this.ecKey.getSDFECCPublicKey(), bArr2, sdfECCSignature, SdfAlgIdAsymmetric.SGD_ECC_NISTP384, this.bits);
                    return true;
                case Constants.KEY_BITS_521 /* 521 */:
                    this.sdfSDK.externalVerifyECCEx(this.ecKey.getSDFECCPublicKey(), bArr2, sdfECCSignature, SdfAlgIdAsymmetric.SGD_ECC_NISTP521, this.bits);
                    return true;
                default:
                    this.logger.error("un support key bits  {}", Integer.valueOf(this.bits));
                    return false;
            }
        } catch (IOException | SdfSDKException e) {
            if (bArr != null) {
                GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature digest", bArr2, true);
                GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature x", this.ecKey.getSDFECCPublicKey().getX(), true);
                GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature y", this.ecKey.getSDFECCPublicKey().getY(), true);
                GMSSLByteArrayUtils.printHexBinary(this.logger, "verifySignature signature", bArr, true);
            }
            this.logger.error("verifySignature", e);
            return false;
        }
    }

    public void reset() {
    }

    protected BigInteger[] derDecode(byte[] bArr) throws IOException {
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(bArr));
        if (aSN1Sequence.size() != 2) {
            return null;
        }
        BigInteger value = ASN1Integer.getInstance(aSN1Sequence.getObjectAt(0)).getValue();
        BigInteger value2 = ASN1Integer.getInstance(aSN1Sequence.getObjectAt(1)).getValue();
        if (Arrays.constantTimeAreEqual(derEncode(value, value2), bArr)) {
            return new BigInteger[]{value, value2};
        }
        return null;
    }

    protected byte[] derEncode(byte[] bArr, byte[] bArr2) throws IOException {
        return derEncode(BigIntegers.fromUnsignedByteArray(bArr), BigIntegers.fromUnsignedByteArray(bArr2));
    }

    protected byte[] derEncode(BigInteger bigInteger, BigInteger bigInteger2) throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(bigInteger));
        aSN1EncodableVector.add(new ASN1Integer(bigInteger2));
        return new DERSequence(aSN1EncodableVector).getEncoded("DER");
    }
}
