package com.xdja.safecenter.secret.provider.localkey;

import com.xdja.cssp.sm2cipher.sm2.cipher.ConvertUtil;
import com.xdja.cssp.sm2cipher.sm2.cipher.SM2CipherImpl;
import com.xdja.cssp.sm2cipher.sm2.cipher.SM3Digest;
import com.xdja.safecenter.secret.core.datasource.AbstractProvider;
import com.xdja.safecenter.secret.core.util.RandomUtil;
import com.xdja.safecenter.secret.core.util.Sm4;
import com.xdja.safecenter.secret.core.verify.CertUtil;
import com.xdja.safecenter.secret.provider.localkey.exception.CertParseException;
import com.xdja.safecenter.secret.provider.localkey.exception.KeyFileNotExistException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECPoint;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.util.encoders.Base64;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/xdja/safecenter/secret/provider/localkey/LocalKeyProviderImpl.class */
public class LocalKeyProviderImpl extends AbstractProvider implements ILocalKeyProvider {
    private String localKeyStr;
    private String localKeyHash;

    private String readKeyFile() throws KeyFileNotExistException {
        try {
            return new String(Files.readAllBytes(Paths.get("/home/xdja/conf/ckms/local.key", "")));
        } catch (Exception e) {
            throw new KeyFileNotExistException("load local key fail /home/xdja/conf/ckms/local.key", e);
        }
    }

    private String hashKey(String str) {
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(str.getBytes());
        return new String(Base64.encode(sM3Digest.doFinal()));
    }

    public String getLocalKeyHash() throws KeyFileNotExistException {
        if (StringUtils.isBlank(this.localKeyStr)) {
            this.localKeyStr = readKeyFile();
        }
        if (StringUtils.isBlank(this.localKeyHash)) {
            this.localKeyHash = hashKey(this.localKeyStr);
        }
        return this.localKeyHash;
    }

    public String[] getCipherLocalKey(String str) throws KeyFileNotExistException, CertParseException {
        String[] strArr = new String[2];
        if (StringUtils.isBlank(this.localKeyStr)) {
            this.localKeyStr = readKeyFile();
        }
        X509Certificate certFromB64 = CertUtil.getCertFromB64(str);
        if (certFromB64 == null) {
            throw new CertParseException("解析加密证书时出现异常 证书信息：" + str);
        }
        byte[] bArr = new byte[65];
        bArr[0] = 4;
        ECPoint w = ((ECPublicKey) certFromB64.getPublicKey()).getW();
        byte[] hexStringToBytes = ConvertUtil.hexStringToBytes(w.getAffineX().toString(16));
        byte[] hexStringToBytes2 = ConvertUtil.hexStringToBytes(w.getAffineY().toString(16));
        System.arraycopy(hexStringToBytes, 0, bArr, 33 - hexStringToBytes.length, hexStringToBytes.length);
        System.arraycopy(hexStringToBytes2, 0, bArr, 65 - hexStringToBytes2.length, hexStringToBytes2.length);
        SM2CipherImpl sM2CipherImpl = new SM2CipherImpl();
        byte[] randomByteArray = RandomUtil.getRandomByteArray(16);
        byte[] encrypt_gb = sM2CipherImpl.encrypt_gb(new String(Base64.encode(bArr)), randomByteArray);
        byte[] sm4_encrypt_ecb = Sm4.sm4_encrypt_ecb(randomByteArray, this.localKeyStr.getBytes());
        strArr[0] = new String(Base64.encode(encrypt_gb));
        strArr[1] = new String(Base64.encode(sm4_encrypt_ecb));
        return strArr;
    }
}
