package jexx.crypto.asymmetric;

import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import jexx.crypto.CryptoException;
import jexx.util.Base64Util;
import jexx.util.HexUtil;
import jexx.util.ObjectUtil;
import jexx.util.StringUtil;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithID;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.SM2Signer;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;

/* loaded from: input_file:jexx/crypto/asymmetric/SM2.class */
public class SM2 {
    private final SM2Engine.Mode mode;
    private final Digest digest;
    private final ECPrivateKeyParameters privateKeyParams;
    private final ECPublicKeyParameters publicKeyParams;
    private final SM2Engine sm2Engine;
    private final SM2Signer sm2Signer;

    public SM2(SM2Engine.Mode mode, Digest digest, ECPrivateKeyParameters eCPrivateKeyParameters, ECPublicKeyParameters eCPublicKeyParameters) {
        initProvider();
        this.privateKeyParams = eCPrivateKeyParameters;
        this.publicKeyParams = eCPublicKeyParameters;
        this.mode = mode;
        this.digest = (Digest) ObjectUtil.notNullOrDefault(digest, new SM3Digest());
        this.sm2Engine = new SM2Engine(this.digest, mode);
        this.sm2Signer = new SM2Signer();
    }

    public SM2(SM2Engine.Mode mode, Digest digest, byte[] bArr, byte[] bArr2) {
        initProvider();
        this.publicKeyParams = convertPublicKeyToParameters(convertX509ToECPublicKey(bArr2));
        this.privateKeyParams = convertPrivateKeyToParameters(convertPKCS8ToECPrivateKey(bArr));
        this.mode = mode;
        this.digest = (Digest) ObjectUtil.notNullOrDefault(digest, new SM3Digest());
        this.sm2Engine = new SM2Engine(this.digest, mode);
        this.sm2Signer = new SM2Signer();
    }

    public SM2(byte[] bArr, byte[] bArr2) {
        this(SM2Engine.Mode.C1C3C2, (Digest) null, bArr, bArr2);
    }

    public SM2(SM2Engine.Mode mode, Digest digest, String str, String str2) {
        this(mode, digest, Base64Util.decode(str), Base64Util.decode(str2));
    }

    public SM2(String str, String str2) {
        this(SM2Engine.Mode.C1C3C2, (Digest) null, str, str2);
    }

    private void initProvider() {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        if (Security.getProvider(bouncyCastleProvider.getName()) == null) {
            Security.addProvider(bouncyCastleProvider);
        }
    }

    protected byte[] encrypt(SM2Engine sM2Engine, ECPublicKeyParameters eCPublicKeyParameters, byte[] bArr) {
        try {
            sM2Engine.init(true, new ParametersWithRandom(eCPublicKeyParameters, new SecureRandom()));
            return sM2Engine.processBlock(bArr, 0, bArr.length);
        } catch (InvalidCipherTextException e) {
            throw new CryptoException((Throwable) e);
        }
    }

    public byte[] encrypt(byte[] bArr) {
        return encrypt(getSm2Engine(), this.publicKeyParams, bArr);
    }

    public String encrypt(String str) {
        return StringUtil.str(encrypt(StringUtil.getBytes(str)));
    }

    public byte[] encryptAsBase64(byte[] bArr) {
        return Base64Util.encode(encrypt(bArr));
    }

    public String encryptAsBase64(String str) {
        return StringUtil.str(encryptAsBase64(StringUtil.getBytes(str)));
    }

    protected byte[] decrypt(SM2Engine sM2Engine, ECPrivateKeyParameters eCPrivateKeyParameters, byte[] bArr) {
        try {
            sM2Engine.init(false, eCPrivateKeyParameters);
            return sM2Engine.processBlock(bArr, 0, bArr.length);
        } catch (InvalidCipherTextException e) {
            throw new CryptoException((Throwable) e);
        }
    }

    public byte[] decrypt(byte[] bArr) {
        return decrypt(getSm2Engine(), this.privateKeyParams, bArr);
    }

    public String decrypt(String str) {
        return StringUtil.str(decrypt(StringUtil.getBytes(str)));
    }

    public byte[] decryptAsBase64(byte[] bArr) {
        return decrypt(Base64Util.decode(bArr));
    }

    public String decryptAsBase64(String str) {
        return StringUtil.str(decryptAsBase64(StringUtil.getBytes(str)));
    }

    private byte[] sign(SM2Signer sM2Signer, ECPrivateKeyParameters eCPrivateKeyParameters, byte[] bArr, byte[] bArr2) {
        try {
            CipherParameters parametersWithRandom = new ParametersWithRandom(eCPrivateKeyParameters, new SecureRandom());
            if (bArr != null) {
                parametersWithRandom = new ParametersWithID(parametersWithRandom, bArr);
            }
            sM2Signer.init(true, parametersWithRandom);
            sM2Signer.update(bArr2, 0, bArr2.length);
            return sM2Signer.generateSignature();
        } catch (org.bouncycastle.crypto.CryptoException e) {
            throw new CryptoException((Throwable) e);
        }
    }

    public byte[] sign(byte[] bArr, byte[] bArr2) {
        return sign(getSm2Signer(), this.privateKeyParams, bArr, bArr2);
    }

    public byte[] sign(byte[] bArr) {
        return sign(null, bArr);
    }

    public byte[] sign(String str) {
        return sign(StringUtil.getBytes(str));
    }

    public String signAsHex(byte[] bArr) {
        return HexUtil.encodeHexStr(sign(null, bArr));
    }

    public String signAsHex(String str) {
        return signAsHex(StringUtil.getBytes(str));
    }

    private boolean verify(ECPublicKeyParameters eCPublicKeyParameters, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        SM2Signer sM2Signer = new SM2Signer();
        ECPublicKeyParameters eCPublicKeyParameters2 = eCPublicKeyParameters;
        if (bArr != null) {
            eCPublicKeyParameters2 = new ParametersWithID(eCPublicKeyParameters, bArr);
        }
        sM2Signer.init(false, eCPublicKeyParameters2);
        sM2Signer.update(bArr2, 0, bArr2.length);
        return sM2Signer.verifySignature(bArr3);
    }

    public boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verify(this.publicKeyParams, bArr, bArr2, bArr3);
    }

    public boolean verify(byte[] bArr, byte[] bArr2) {
        return verify(this.publicKeyParams, null, bArr, bArr2);
    }

    public boolean verifyAsHex(String str, String str2, String str3) {
        return verify(StringUtil.isEmpty(str) ? null : StringUtil.getBytes(str), StringUtil.getBytes(str2), HexUtil.decodeHex(str3));
    }

    public boolean verifyAsHex(String str, String str2) {
        return verifyAsHex(null, str, str2);
    }

    public SM2Engine getSm2Engine() {
        return this.sm2Engine;
    }

    public SM2Signer getSm2Signer() {
        return this.sm2Signer;
    }

    public SM2Engine.Mode getMode() {
        return this.mode;
    }

    public static KeyPair generateSm2KeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", (Provider) new BouncyCastleProvider());
            keyPairGenerator.initialize(new ECGenParameterSpec("sm2p256v1"), new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
            throw new CryptoException(e);
        }
    }

    private BCECPublicKey convertX509ToECPublicKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance("EC", "BC").generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            throw new CryptoException(e);
        }
    }

    private ECPublicKeyParameters convertPublicKeyToParameters(BCECPublicKey bCECPublicKey) {
        ECParameterSpec parameters = bCECPublicKey.getParameters();
        return new ECPublicKeyParameters(bCECPublicKey.getQ(), new ECDomainParameters(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()));
    }

    private BCECPrivateKey convertPKCS8ToECPrivateKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance("EC", "BC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            throw new CryptoException(e);
        }
    }

    private static ECPrivateKeyParameters convertPrivateKeyToParameters(BCECPrivateKey bCECPrivateKey) {
        ECParameterSpec parameters = bCECPrivateKey.getParameters();
        return new ECPrivateKeyParameters(bCECPrivateKey.getD(), new ECDomainParameters(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()));
    }
}
