package cn.zyjblogs.crypto.sm2;

import cn.zyjblogs.crypto.SmException;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Locale;
import java.util.Objects;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPrivateKeySpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:cn/zyjblogs/crypto/sm2/SM2.class */
public class SM2 {
    public static final String CRYPTO_NAME_SM2 = "sm2p256v1";
    public static final String BC04 = "04";
    private static final byte SM2_CIPHER_FIRST_BIT = 4;
    private static final int DEFAULT_KEY_SIZE = 128;

    /* loaded from: input_file:cn/zyjblogs/crypto/sm2/SM2$EncodeType.class */
    public enum EncodeType {
        UTF8,
        HEX,
        BASE64
    }

    /* loaded from: input_file:cn/zyjblogs/crypto/sm2/SM2$Mode.class */
    public enum Mode {
        CIPHER_MODE_BC,
        CIPHER_MODE_NORM
    }

    public static SM2KeyPair generateSm2Keys(boolean z) {
        X9ECParameters byName = GMNamedCurves.getByName(CRYPTO_NAME_SM2);
        ECDomainParameters eCDomainParameters = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN());
        ECKeyPairGenerator eCKeyPairGenerator = new ECKeyPairGenerator();
        eCKeyPairGenerator.init(new ECKeyGenerationParameters(eCDomainParameters, new SecureRandom()));
        AsymmetricCipherKeyPair generateKeyPair = eCKeyPairGenerator.generateKeyPair();
        return new SM2KeyPair(Hex.toHexString(generateKeyPair.getPublic().getQ().getEncoded(z)).toUpperCase(Locale.ROOT), generateKeyPair.getPrivate().getD().toString(16).toUpperCase(Locale.ROOT));
    }

    public static String encrypt(String str, String str2) {
        return encrypt(str, str2, SM2EngineExtend.CIPHER_MODE_NORM, EncodeType.UTF8, EncodeType.HEX);
    }

    public static String encrypt(String str, String str2, EncodeType encodeType, EncodeType encodeType2) {
        return encrypt(str, str2, SM2EngineExtend.CIPHER_MODE_NORM, encodeType, encodeType2);
    }

    public static String encrypt(String str, String str2, Mode mode, EncodeType encodeType, EncodeType encodeType2) {
        return encrypt(str, str2, Mode.CIPHER_MODE_BC == mode ? SM2EngineExtend.CIPHER_MODE_BC : SM2EngineExtend.CIPHER_MODE_NORM, encodeType, encodeType2);
    }

    public static String encrypt(String str, String str2, int i, EncodeType encodeType, EncodeType encodeType2) {
        if (Objects.equals(EncodeType.UTF8, encodeType2)) {
            throw new SmException("加密暂不支持UTF-8编码格式数据输出!,请修改输出类型");
        }
        try {
            if (str.length() == DEFAULT_KEY_SIZE) {
                str = BC04 + str;
            }
            X9ECParameters byName = GMNamedCurves.getByName(CRYPTO_NAME_SM2);
            ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(byName.getCurve().decodePoint(Hex.decode(str)), new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN()));
            SM2EngineExtend sM2EngineExtend = new SM2EngineExtend();
            sM2EngineExtend.init(true, i, new ParametersWithRandom(eCPublicKeyParameters, new SecureRandom()));
            return processBlock(sM2EngineExtend, encodeType2, EncodeType.HEX.equals(encodeType) ? Hex.decode(str2) : EncodeType.BASE64.equals(encodeType) ? Base64.getDecoder().decode(str2.getBytes(StandardCharsets.UTF_8)) : str2.getBytes(StandardCharsets.UTF_8));
        } catch (Exception e) {
            throw new SmException(e);
        } catch (InvalidCipherTextException e2) {
            throw new SmException("加密错误", e2);
        }
    }

    private static String processBlock(SM2EngineExtend sM2EngineExtend, EncodeType encodeType, byte[] bArr) throws InvalidCipherTextException {
        byte[] processBlock = sM2EngineExtend.processBlock(bArr, 0, bArr.length);
        return EncodeType.BASE64.equals(encodeType) ? new String(Base64.getEncoder().encode(processBlock), StandardCharsets.UTF_8) : EncodeType.HEX.equals(encodeType) ? Hex.toHexString(processBlock).toUpperCase(Locale.ROOT) : new String(processBlock, StandardCharsets.UTF_8);
    }

    private static byte[] addBitIfNeed(byte[] bArr) {
        if (bArr[0] == SM2_CIPHER_FIRST_BIT) {
            return bArr;
        }
        byte[] bArr2 = new byte[bArr.length + 1];
        bArr2[0] = SM2_CIPHER_FIRST_BIT;
        System.arraycopy(bArr, 0, bArr2, 1, bArr.length);
        return bArr2;
    }

    public static String decrypt(String str, String str2) {
        return decrypt(str, str2, SM2EngineExtend.CIPHER_MODE_NORM, EncodeType.HEX, EncodeType.UTF8);
    }

    public static String decrypt(String str, String str2, EncodeType encodeType, EncodeType encodeType2) {
        return decrypt(str, str2, SM2EngineExtend.CIPHER_MODE_NORM, encodeType, encodeType2);
    }

    public static String decrypt(String str, String str2, int i, EncodeType encodeType, EncodeType encodeType2) {
        byte[] addBitIfNeed;
        if (Objects.equals(EncodeType.UTF8, encodeType)) {
            throw new SmException("解密暂不支持UTF-8编码格式数据输入!,请修改输入类型");
        }
        try {
            if (EncodeType.HEX.equals(encodeType)) {
                if (!str2.startsWith(BC04)) {
                    str2 = BC04 + str2;
                }
                addBitIfNeed = Hex.decode(str2);
            } else {
                addBitIfNeed = EncodeType.BASE64.equals(encodeType) ? addBitIfNeed(Base64.getDecoder().decode(str2)) : str2.getBytes(StandardCharsets.UTF_8);
            }
            X9ECParameters byName = GMNamedCurves.getByName(CRYPTO_NAME_SM2);
            CipherParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(new BigInteger(str, 16), new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN()));
            SM2EngineExtend sM2EngineExtend = new SM2EngineExtend();
            sM2EngineExtend.init(false, i, eCPrivateKeyParameters);
            return processBlock(sM2EngineExtend, encodeType2, addBitIfNeed);
        } catch (Exception e) {
            throw new SmException(e);
        } catch (InvalidCipherTextException e2) {
            throw new SmException("解密错误", e2);
        }
    }

    public static String sign(String str, String str2) {
        try {
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            X9ECParameters byName = GMNamedCurves.getByName(CRYPTO_NAME_SM2);
            ECParameterSpec eCParameterSpec = new ECParameterSpec(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
            KeyFactory keyFactory = KeyFactory.getInstance("EC", (Provider) bouncyCastleProvider);
            Signature signature = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), (Provider) bouncyCastleProvider);
            signature.initSign(keyFactory.generatePrivate(new ECPrivateKeySpec(new BigInteger(str, 16), eCParameterSpec)));
            signature.update(str2.getBytes());
            return Hex.toHexString(signature.sign()).toUpperCase(Locale.ROOT);
        } catch (Exception e) {
            throw new SmException(e);
        }
    }

    public static boolean verify(String str, String str2, String str3) {
        if (str.length() == DEFAULT_KEY_SIZE) {
            str = BC04 + str;
        }
        try {
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            X9ECParameters byName = GMNamedCurves.getByName(CRYPTO_NAME_SM2);
            ECParameterSpec eCParameterSpec = new ECParameterSpec(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
            KeyFactory keyFactory = KeyFactory.getInstance("EC", (Provider) bouncyCastleProvider);
            Signature signature = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), (Provider) bouncyCastleProvider);
            signature.initVerify((PublicKey) keyFactory.generatePublic(new ECPublicKeySpec(byName.getCurve().decodePoint(Hex.decode(str)), eCParameterSpec)));
            signature.update(str2.getBytes());
            return signature.verify(Hex.decode(str3));
        } catch (Exception e) {
            throw new SmException(e);
        }
    }

    public static boolean certVerify(String str, String str2, String str3) {
        try {
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            byte[] decode = Hex.decode(str3);
            X509Certificate x509Certificate = (X509Certificate) new CertificateFactory().engineGenerateCertificate(new ByteArrayInputStream(Hex.decode(str)));
            Signature signature = Signature.getInstance(x509Certificate.getSigAlgName(), (Provider) bouncyCastleProvider);
            signature.initVerify(x509Certificate);
            signature.update(str2.getBytes());
            return signature.verify(decode);
        } catch (Exception e) {
            throw new SmException(e);
        }
    }
}
