package code.ponfee.commons.jce.sm;

import code.ponfee.commons.jce.ECParameters;
import code.ponfee.commons.util.Base64UrlSafe;
import code.ponfee.commons.util.Bytes;
import code.ponfee.commons.util.SecureRandoms;
import com.google.common.collect.ImmutableMap;
import java.io.Serializable;
import java.math.BigInteger;
import java.util.Arrays;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.math.ec.ECPoint;

/* loaded from: input_file:code/ponfee/commons/jce/sm/SM2.class */
public final class SM2 {
    public static final String PRIVATE_KEY = "SM2PrivateKey";
    public static final String PUBLIC_KEY = "SM2PublicKey";
    private static final int KEY_LENGTH = SM3Digest.getDigestSize();
    private final byte[] key = new byte[KEY_LENGTH];
    private final SM3Digest sm3keybase = SM3Digest.getInstance();
    private final SM3Digest sm3c3 = SM3Digest.getInstance();
    private final byte[] x;
    private final byte[] y;
    private byte keyOffset;
    private int count;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:code/ponfee/commons/jce/sm/SM2$Signature.class */
    public static class Signature implements Serializable {
        private static final long serialVersionUID = -2732762291362285185L;
        final BigInteger r;
        final BigInteger s;
        final BigInteger n;

        Signature(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) {
            this.r = bigInteger;
            this.s = bigInteger2;
            this.n = bigInteger3;
        }

        Signature(byte[] bArr, BigInteger bigInteger) {
            this.n = bigInteger;
            int ceil = (int) Math.ceil(this.n.bitLength() / 8.0d);
            this.r = new BigInteger(1, Arrays.copyOfRange(bArr, 0, ceil));
            this.s = new BigInteger(1, Arrays.copyOfRange(bArr, ceil, ceil << 1));
        }

        byte[] toByteArray() {
            int ceil = (int) Math.ceil(this.n.bitLength() / 8.0d);
            byte[] bArr = new byte[ceil << 1];
            byte[] byteArray = this.r.toByteArray();
            byte[] byteArray2 = this.s.toByteArray();
            Bytes.tailCopy(byteArray, 0, byteArray.length, bArr, 0, ceil);
            Bytes.tailCopy(byteArray2, 0, byteArray2.length, bArr, ceil, ceil);
            return bArr;
        }

        public String toString() {
            return Base64UrlSafe.encode(toByteArray());
        }
    }

    private SM2(ECPoint eCPoint, BigInteger bigInteger, BigInteger bigInteger2) {
        Objects.requireNonNull(eCPoint, "public key cannot be null.");
        Objects.requireNonNull(bigInteger, "private key cannot be null.");
        ECPoint multiply = eCPoint.multiply(bigInteger);
        byte[] byteArray = multiply.normalize().getXCoord().toBigInteger().toByteArray();
        byte[] byteArray2 = multiply.normalize().getYCoord().toBigInteger().toByteArray();
        int ceil = (int) Math.ceil(bigInteger2.bitLength() / 8.0d);
        this.x = new byte[ceil];
        this.y = new byte[ceil];
        Bytes.tailCopy(byteArray, 0, byteArray.length, this.x, 0, this.x.length);
        Bytes.tailCopy(byteArray2, 0, byteArray2.length, this.y, 0, this.y.length);
        reset();
    }

    private void reset() {
        this.sm3keybase.reset();
        this.sm3keybase.update(this.x);
        this.sm3keybase.update(this.y);
        this.sm3c3.reset();
        this.sm3c3.update(this.x);
        this.count = 1;
        nextKey();
    }

    private void nextKey() {
        SM3Digest sM3Digest = SM3Digest.getInstance(this.sm3keybase);
        sM3Digest.update(Bytes.toBytes(this.count));
        sM3Digest.doFinal(this.key, 0);
        this.keyOffset = (byte) 0;
        this.count++;
    }

    private void encrypt(byte[] bArr) {
        this.sm3c3.update(bArr);
        int i = 0;
        int length = bArr.length;
        while (i < length) {
            if (this.keyOffset == KEY_LENGTH) {
                nextKey();
            }
            int i2 = i;
            i++;
            byte b = bArr[i2];
            byte[] bArr2 = this.key;
            byte b2 = this.keyOffset;
            this.keyOffset = (byte) (b2 + 1);
            bArr[i2] = (byte) (b ^ bArr2[b2]);
        }
    }

    private void decrypt(byte[] bArr) {
        int i = 0;
        int length = bArr.length;
        while (i < length) {
            if (this.keyOffset == KEY_LENGTH) {
                nextKey();
            }
            int i2 = i;
            i++;
            byte b = bArr[i2];
            byte[] bArr2 = this.key;
            byte b2 = this.keyOffset;
            this.keyOffset = (byte) (b2 + 1);
            bArr[i2] = (byte) (b ^ bArr2[b2]);
        }
        this.sm3c3.update(bArr);
    }

    private byte[] doFinal() {
        this.sm3c3.update(this.y);
        byte[] doFinal = this.sm3c3.doFinal();
        reset();
        return doFinal;
    }

    public static Map<String, byte[]> generateKeyPair() {
        return generateKeyPair(ECParameters.SM2_BEST);
    }

    public static Map<String, byte[]> generateKeyPair(ECParameters eCParameters) {
        AsymmetricCipherKeyPair generateKeyPair = eCParameters.keyPairGenerator.generateKeyPair();
        ECPrivateKeyParameters eCPrivateKeyParameters = generateKeyPair.getPrivate();
        ECPublicKeyParameters eCPublicKeyParameters = generateKeyPair.getPublic();
        return ImmutableMap.of(PRIVATE_KEY, eCPrivateKeyParameters.getD().toByteArray(), PUBLIC_KEY, eCPublicKeyParameters.getQ().getEncoded(false));
    }

    public static byte[] getPublicKey(Map<String, byte[]> map) {
        return map.get(PUBLIC_KEY);
    }

    public static byte[] getPrivateKey(Map<String, byte[]> map) {
        return map.get(PRIVATE_KEY);
    }

    public static ECPoint getPublicKey(byte[] bArr) {
        return getPublicKey(ECParameters.SM2_BEST, bArr);
    }

    public static ECPoint getPublicKey(ECParameters eCParameters, byte[] bArr) {
        return eCParameters.curve.decodePoint(bArr);
    }

    public static BigInteger getPrivateKey(byte[] bArr) {
        return new BigInteger(1, bArr);
    }

    public static byte[] encrypt(byte[] bArr, byte[] bArr2) {
        return encrypt(ECParameters.SM2_BEST, bArr, bArr2);
    }

    /* JADX WARN: Type inference failed for: r1v6, types: [byte[], byte[][]] */
    public static byte[] encrypt(ECParameters eCParameters, byte[] bArr, byte[] bArr2) {
        if (ArrayUtils.isEmpty(bArr) || ArrayUtils.isEmpty(bArr2)) {
            return null;
        }
        AsymmetricCipherKeyPair generateKeyPair = eCParameters.keyPairGenerator.generateKeyPair();
        ECPublicKeyParameters eCPublicKeyParameters = generateKeyPair.getPublic();
        SM2 sm2 = new SM2(eCParameters.curve.decodePoint(bArr), generateKeyPair.getPrivate().getD(), eCParameters.n);
        byte[] encoded = eCPublicKeyParameters.getQ().getEncoded(false);
        byte[] copyOf = Arrays.copyOf(bArr2, bArr2.length);
        sm2.encrypt(copyOf);
        return Bytes.concat(encoded, new byte[]{copyOf, sm2.doFinal()});
    }

    public static byte[] decrypt(byte[] bArr, byte[] bArr2) {
        return decrypt(ECParameters.SM2_BEST, bArr, bArr2);
    }

    public static byte[] decrypt(ECParameters eCParameters, byte[] bArr, byte[] bArr2) {
        if (ArrayUtils.isEmpty(bArr) || ArrayUtils.isEmpty(bArr2)) {
            return null;
        }
        int length = bArr2.length - (65 + 32);
        byte[] copyOf = Arrays.copyOf(bArr2, 65);
        byte[] copyOfRange = Arrays.copyOfRange(bArr2, 65, 65 + length);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr2, 65 + length, bArr2.length);
        SM2 sm2 = new SM2(getPublicKey(eCParameters, copyOf), getPrivateKey(bArr), eCParameters.n);
        sm2.decrypt(copyOfRange);
        if (Arrays.equals(copyOfRange2, sm2.doFinal())) {
            return copyOfRange;
        }
        throw new SecurityException("Invalid SM3 digest.");
    }

    public static byte[] sign(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return sign(bArr, (byte[]) null, bArr2, bArr3);
    }

    public static byte[] sign(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        return sign(ECParameters.SM2_BEST, bArr, bArr2, bArr3, bArr4);
    }

    public static byte[] sign(ECParameters eCParameters, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return sign(eCParameters, bArr, null, bArr2, bArr3);
    }

    public static byte[] sign(ECParameters eCParameters, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        ECPoint publicKey = getPublicKey(eCParameters, bArr3);
        BigInteger privateKey = getPrivateKey(bArr4);
        SM3Digest sM3Digest = SM3Digest.getInstance();
        sM3Digest.update(calcZ(sM3Digest, eCParameters, bArr2, publicKey));
        sM3Digest.update(bArr);
        BigInteger bigInteger = new BigInteger(1, sM3Digest.doFinal());
        while (true) {
            BigInteger random = SecureRandoms.random(eCParameters.n);
            BigInteger mod = bigInteger.add(eCParameters.pointG.multiply(random).normalize().getXCoord().toBigInteger()).mod(eCParameters.n);
            if (!mod.equals(BigInteger.ZERO) && !mod.add(random).equals(eCParameters.n)) {
                return new Signature(mod, privateKey.add(BigInteger.ONE).modInverse(eCParameters.n).multiply(random.subtract(mod.multiply(privateKey)).mod(eCParameters.n)).mod(eCParameters.n), eCParameters.n).toByteArray();
            }
        }
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verify(bArr, (byte[]) null, bArr2, bArr3);
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        return verify(ECParameters.SM2_BEST, bArr, bArr2, bArr3, bArr4);
    }

    public static boolean verify(ECParameters eCParameters, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verify(eCParameters, bArr, null, bArr2, bArr3);
    }

    public static boolean verify(ECParameters eCParameters, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        Signature signature = new Signature(bArr3, eCParameters.n);
        if (isNotBetween(signature.r, BigInteger.ONE, eCParameters.n) || isNotBetween(signature.s, BigInteger.ONE, eCParameters.n)) {
            return false;
        }
        ECPoint publicKey = getPublicKey(eCParameters, bArr4);
        SM3Digest sM3Digest = SM3Digest.getInstance();
        sM3Digest.update(calcZ(sM3Digest, eCParameters, bArr2, publicKey));
        sM3Digest.update(bArr);
        BigInteger bigInteger = new BigInteger(1, sM3Digest.doFinal());
        BigInteger mod = signature.r.add(signature.s).mod(eCParameters.n);
        if (mod.equals(BigInteger.ZERO)) {
            return false;
        }
        return bigInteger.add(eCParameters.pointG.multiply(signature.s).normalize().add(publicKey.multiply(mod).normalize()).normalize().getXCoord().toBigInteger()).mod(eCParameters.n).equals(signature.r);
    }

    public static boolean checkPublicKey(byte[] bArr) {
        return checkPublicKey(getPublicKey(bArr));
    }

    public static boolean checkPublicKey(ECParameters eCParameters, byte[] bArr) {
        return checkPublicKey(eCParameters, getPublicKey(eCParameters, bArr));
    }

    public static boolean checkPublicKey(ECPoint eCPoint) {
        return checkPublicKey(ECParameters.SM2_BEST, eCPoint);
    }

    public static boolean checkPublicKey(ECParameters eCParameters, ECPoint eCPoint) {
        if (eCPoint.isInfinity()) {
            return false;
        }
        BigInteger bigInteger = eCPoint.getXCoord().toBigInteger();
        BigInteger bigInteger2 = eCPoint.getYCoord().toBigInteger();
        if (isNotBetween(bigInteger, BigInteger.ZERO, eCParameters.p) || isNotBetween(bigInteger2, BigInteger.ZERO, eCParameters.p)) {
            return false;
        }
        return bigInteger2.pow(2).mod(eCParameters.p).equals(bigInteger.pow(3).add(eCParameters.a.multiply(bigInteger)).add(eCParameters.b).mod(eCParameters.p)) && eCPoint.multiply(eCParameters.n).isInfinity();
    }

    static byte[] calcZ(SM3Digest sM3Digest, ECParameters eCParameters, ECPoint eCPoint) {
        return calcZ(sM3Digest, eCParameters, null, eCPoint);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] calcZ(SM3Digest sM3Digest, ECParameters eCParameters, byte[] bArr, ECPoint eCPoint) {
        sM3Digest.reset();
        if (bArr != null && bArr.length > 0) {
            int length = bArr.length << 3;
            sM3Digest.update((byte) (length & 65280));
            sM3Digest.update((byte) (length & 255));
            sM3Digest.update(bArr);
        }
        sM3Digest.update(eCParameters.a.toByteArray());
        sM3Digest.update(eCParameters.b.toByteArray());
        sM3Digest.update(eCParameters.gx.toByteArray());
        sM3Digest.update(eCParameters.gy.toByteArray());
        sM3Digest.update(eCPoint.getXCoord().toBigInteger().toByteArray());
        sM3Digest.update(eCPoint.getYCoord().toBigInteger().toByteArray());
        return sM3Digest.doFinal();
    }

    private static boolean isNotBetween(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) {
        return bigInteger.compareTo(bigInteger2) < 0 || bigInteger.compareTo(bigInteger3) >= 0;
    }
}
