package cn.tdchain.tdmsp.util;

import cn.tdchain.cipher.utils.StringUtils;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import javax.crypto.Cipher;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;

/* loaded from: input_file:cn/tdchain/tdmsp/util/EccUtil.class */
public final class EccUtil {
    private static Signature signature;
    private static final Charset UTF8 = StandardCharsets.UTF_8;
    private static ThreadLocal<Cipher> cipherThreadLocal = new ThreadLocal<>();

    private EccUtil() {
    }

    public static String encrypt(String str, ECPublicKey eCPublicKey) {
        if (StringUtils.isBlank(str) || eCPublicKey == null) {
            return str;
        }
        try {
            return Base64.getEncoder().encodeToString(getCipher(eCPublicKey, 1).doFinal(str.getBytes(UTF8)));
        } catch (Exception e) {
            return str;
        }
    }

    public static ECPublicKey getPublicKey(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        String[] split = str.split("@");
        String str2 = split[0];
        String str3 = split[1];
        KeyFactory keyFactory = KeyFactory.getInstance(PkiConstant.EC);
        ECPoint eCPoint = new ECPoint(new BigInteger(1, Base64.getDecoder().decode(str2)), new BigInteger(1, Base64.getDecoder().decode(str3)));
        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(PkiConstant.SECP256K1);
        return (ECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(eCPoint, new ECNamedCurveSpec(PkiConstant.SECP256K1, parameterSpec.getCurve(), parameterSpec.getG(), parameterSpec.getN(), parameterSpec.getH(), parameterSpec.getSeed())));
    }

    public static String decrypt(String str, ECPrivateKey eCPrivateKey) {
        if (eCPrivateKey == null || StringUtils.isBlank(str)) {
            return str;
        }
        try {
            return Base64.getEncoder().encodeToString(getCipher(eCPrivateKey, 2).doFinal(Base64.getDecoder().decode(str)));
        } catch (Exception e) {
            return str;
        }
    }

    public static ECPrivateKey getPrivateKey(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return (ECPrivateKey) KeyFactory.getInstance(PkiConstant.EC).generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str)));
    }

    public static KeyPair createEcKeyPair() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(PkiConstant.ECDSA, "BC");
        keyPairGenerator.initialize(new ECGenParameterSpec(PkiConstant.SECP256K1), SecureRandomUtils.secureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    public static String sign(String str, PrivateKey privateKey) {
        if (StringUtils.isBlank(str)) {
            throw new RuntimeException("msg is null");
        }
        if (null == privateKey) {
            throw new RuntimeException("privateKey is null");
        }
        byte[] bytes = str.getBytes(UTF8);
        String str2 = "";
        try {
            Signature signature2 = getSignature();
            signature2.initSign(privateKey);
            signature2.update(bytes);
            str2 = Base64.getEncoder().encodeToString(signature2.sign());
        } catch (Exception e) {
            e.printStackTrace();
        }
        return str2;
    }

    private static Signature getSignature() {
        if (null != signature) {
            return signature;
        }
        try {
            signature = Signature.getInstance(PkiConstant.ALGORITHM_ECC);
        } catch (NoSuchAlgorithmException e) {
        }
        return signature;
    }

    public static boolean verify(String str, String str2, PublicKey publicKey) {
        byte[] bytes = str.getBytes(UTF8);
        boolean z = false;
        try {
            Signature signature2 = getSignature();
            signature2.initVerify(publicKey);
            signature2.update(bytes);
            z = signature2.verify(Base64.getDecoder().decode(str2));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return z;
    }

    private static Cipher getCipher(Key key, int i) throws Exception {
        Cipher cipher = cipherThreadLocal.get();
        if (cipher == null) {
            cipher = Cipher.getInstance(PkiConstant.ECIES, "BC");
            cipherThreadLocal.set(cipher);
        }
        cipher.init(i, key);
        return cipher;
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
