package cfca.sadk.lib.crypto.bcsoft;

import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM2Result;
import cfca.sadk.org.bouncycastle.asn1.ASN1Encoding;
import cfca.sadk.org.bouncycastle.asn1.ASN1Integer;
import cfca.sadk.org.bouncycastle.asn1.ASN1Sequence;
import cfca.sadk.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cfca.sadk.org.bouncycastle.crypto.signers.SM2DSASigner;
import cfca.sadk.org.bouncycastle.math.ec.ECPoint;
import cfca.sadk.org.bouncycastle.util.BigIntegers;
import java.io.IOException;
import java.math.BigInteger;
import java.security.SecureRandom;

/* loaded from: input_file:cfca/sadk/lib/crypto/bcsoft/BCSoftSM2.class */
public final class BCSoftSM2 {
    public static byte[] sign(byte[] bArr, BigInteger bigInteger) throws PKIException {
        return sign(bArr, bigInteger, false);
    }

    public static byte[] sign(byte[] bArr, BigInteger bigInteger, boolean z) throws PKIException {
        byte[] encoded;
        BigInteger[] generateSignature = generateSignature(bArr, bigInteger);
        if (z) {
            try {
                encoded = new ASN1SM2Signature(generateSignature[0], generateSignature[1]).getEncoded(ASN1Encoding.DER);
            } catch (IOException e) {
                throw new PKIException("signed failure", e);
            }
        } else {
            encoded = new byte[64];
            System.arraycopy(BigIntegers.asUnsignedByteArray(32, generateSignature[0]), 0, encoded, 0, 32);
            System.arraycopy(BigIntegers.asUnsignedByteArray(32, generateSignature[1]), 0, encoded, 32, 32);
        }
        return encoded;
    }

    public void sign(byte[] bArr, BigInteger bigInteger, SM2Result sM2Result) {
        if (sM2Result == null) {
            throw new SecurityException("null not allowed for sm2Ret");
        }
        try {
            BigInteger[] generateSignature = generateSignature(bArr, bigInteger);
            sM2Result.r = generateSignature[0];
            sM2Result.s = generateSignature[1];
        } catch (PKIException e) {
            throw new SecurityException(e.getMessage());
        }
    }

    private static BigInteger[] generateSignature(byte[] bArr, BigInteger bigInteger) throws PKIException {
        if (bArr == null || bArr.length != 32) {
            throw new SecurityException("null/length not allowed for hash");
        }
        if (bigInteger == null) {
            throw new SecurityException("null not allowed for userD");
        }
        try {
            SM2DSASigner sM2DSASigner = new SM2DSASigner();
            sM2DSASigner.initSign(bigInteger, new SecureRandom());
            return sM2DSASigner.generateSignature(bArr);
        } catch (Exception e) {
            throw new PKIException("signed failure", e);
        }
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, ECPoint eCPoint) {
        BigInteger positiveValue;
        BigInteger positiveValue2;
        if (eCPoint == null) {
            throw new SecurityException("null not allowed for userKey");
        }
        if (bArr == null || bArr.length != 32 || bArr2 == null) {
            return false;
        }
        if (bArr2.length == 64) {
            positiveValue = BigIntegers.fromUnsignedByteArray(bArr2, 0, 32);
            positiveValue2 = BigIntegers.fromUnsignedByteArray(bArr2, 32, 32);
        } else {
            if (bArr2.length <= 64) {
                return false;
            }
            try {
                ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(bArr2);
                ASN1Integer aSN1Integer = (ASN1Integer) aSN1Sequence.getObjectAt(0);
                ASN1Integer aSN1Integer2 = (ASN1Integer) aSN1Sequence.getObjectAt(1);
                positiveValue = aSN1Integer.getPositiveValue();
                positiveValue2 = aSN1Integer2.getPositiveValue();
            } catch (Exception e) {
                return false;
            }
        }
        return verify(bArr, eCPoint, positiveValue, positiveValue2);
    }

    public boolean verify(byte[] bArr, ECPoint eCPoint, SM2Result sM2Result) {
        return sM2Result == null ? false : verify(bArr, eCPoint, sM2Result.r, sM2Result.s);
    }

    private static boolean verify(byte[] bArr, ECPoint eCPoint, BigInteger bigInteger, BigInteger bigInteger2) {
        boolean z;
        if (bArr == null || bArr.length != 32 || eCPoint == null || bigInteger == null || bigInteger2 == null) {
            z = false;
        } else {
            SM2DSASigner sM2DSASigner = new SM2DSASigner();
            sM2DSASigner.initVerify(eCPoint);
            z = sM2DSASigner.verifySignature(bArr, bigInteger, bigInteger2);
        }
        return z;
    }
}
