package link.luyu.protocol.algorithm.sm2;

import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.AbstractMap;
import java.util.Arrays;
import java.util.Map;
import link.luyu.protocol.algorithm.SignatureAlgorithm;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9IntegerConverter;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.math.ec.ECAlgorithms;
import org.bouncycastle.math.ec.ECConstants;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.math.ec.FixedPointCombMultiplier;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:link/luyu/protocol/algorithm/sm2/SM2WithSM3.class */
public class SM2WithSM3 implements SignatureAlgorithm {
    public static final String TYPE = "SM2_WITH_SM3";
    public static final int PRIVATE_KEY_SIZE = 32;
    public static final int PUBLIC_KEY_SIZE = 64;
    public static final SecureRandom SecureRandomInstance = new SecureRandom();
    public static final X9ECParameters CURVE_PARAMS = CustomNamedCurves.getByName("sm2p256v1");
    static final ECDomainParameters CURVE = new ECDomainParameters(CURVE_PARAMS.getCurve(), CURVE_PARAMS.getG(), CURVE_PARAMS.getN(), CURVE_PARAMS.getH());
    static final BigInteger HALF_CURVE_ORDER = CURVE_PARAMS.getN().shiftRight(1);

    @Override // link.luyu.protocol.algorithm.SignatureAlgorithm
    public String getType() {
        return TYPE;
    }

    @Override // link.luyu.protocol.algorithm.SignatureAlgorithm
    public byte[] sign(byte[] bArr, byte[] bArr2) {
        return sign(bArr, bArr2, true).toBytes();
    }

    public SignatureData sign(byte[] bArr, byte[] bArr2, boolean z) {
        if (z) {
            bArr2 = HashUtil.sm3(bArr2);
        }
        BigInteger bigInteger = new BigInteger(1, bArr);
        SM2Signer sM2Signer = new SM2Signer();
        sM2Signer.init(true, new ECPrivateKeyParameters(bigInteger, CURVE));
        return sM2Signer.generateSignatureData(bArr2);
    }

    public static byte[] prepareMessage(byte[] bArr, byte[] bArr2) {
        return prepareMessage(bArr, bArr2, Hex.decode("31323334353637383132333435363738"));
    }

    public static byte[] prepareMessage(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            int length = bArr3.length * 8;
            byte[] bArr4 = {(byte) ((length >> 8) & 255), (byte) (length & 255)};
            byte[] encoded = CURVE.getCurve().getA().getEncoded();
            byte[] encoded2 = CURVE.getCurve().getB().getEncoded();
            byte[] encoded3 = CURVE.getG().getAffineXCoord().getEncoded();
            byte[] encoded4 = CURVE.getG().getAffineYCoord().getEncoded();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(bArr4);
            byteArrayOutputStream.write(bArr3);
            byteArrayOutputStream.write(encoded);
            byteArrayOutputStream.write(encoded2);
            byteArrayOutputStream.write(encoded3);
            byteArrayOutputStream.write(encoded4);
            byteArrayOutputStream.write(bArr);
            byte[] sm3 = HashUtil.sm3(byteArrayOutputStream.toByteArray());
            byte[] sm32 = HashUtil.sm3(bArr2);
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            byteArrayOutputStream2.write(sm3);
            byteArrayOutputStream2.write(sm32);
            return byteArrayOutputStream2.toByteArray();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // link.luyu.protocol.algorithm.SignatureAlgorithm
    public boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verify(new BigInteger(1, bArr), bArr2, bArr3, true);
    }

    @Override // link.luyu.protocol.algorithm.SignatureAlgorithm
    public Map.Entry<byte[], byte[]> generateKeyPair() {
        byte[] bArr = new byte[32];
        SecureRandomInstance.nextBytes(bArr);
        ECPoint normalize = publicPointFromPrivate(new BigInteger(1, bArr)).normalize();
        byte[] bArr2 = new byte[64];
        byte[] encoded = normalize.getXCoord().getEncoded();
        byte[] encoded2 = normalize.getYCoord().getEncoded();
        System.arraycopy(encoded, 0, bArr2, 0, 32);
        System.arraycopy(encoded2, 0, bArr2, 32, 32);
        return new AbstractMap.SimpleImmutableEntry(bArr2, bArr);
    }

    public boolean verify(BigInteger bigInteger, byte[] bArr, byte[] bArr2, boolean z) {
        if (z) {
            bArr2 = HashUtil.sm3(bArr2);
        }
        return recover(bArr2, bArr).equals(bigInteger);
    }

    public static BigInteger recover(byte[] bArr, byte[] bArr2) {
        SignatureData parseFrom = SignatureData.parseFrom(bArr2);
        byte v = parseFrom.getV();
        BigInteger r = parseFrom.getR();
        BigInteger s = parseFrom.getS();
        if (v < 0) {
            throw new RuntimeException("v must be positive");
        }
        if (r.signum() < 0) {
            throw new RuntimeException("r must be positive");
        }
        if (s.signum() < 0) {
            throw new RuntimeException("s must be positive");
        }
        if (bArr == null) {
            throw new RuntimeException("message cannot be null");
        }
        BigInteger n = CURVE.getN();
        if (r.compareTo(ECConstants.ONE) < 0 || r.compareTo(n) >= 0 || s.compareTo(ECConstants.ONE) < 0 || s.compareTo(n) >= 0) {
            return null;
        }
        BigInteger bigInteger = new BigInteger(1, bArr);
        BigInteger mod = r.add(s).mod(n);
        if (mod.equals(ECConstants.ZERO)) {
            return null;
        }
        ECPoint decompressKey = decompressKey(r.subtract(bigInteger).mod(n), (v & 1) == 1);
        BigInteger modInverse = mod.modInverse(n);
        byte[] encoded = ECAlgorithms.sumOfTwoMultiplies(CURVE.getG(), s.multiply(modInverse).mod(n).negate().mod(n), decompressKey, modInverse).getEncoded(false);
        return new BigInteger(1, Arrays.copyOfRange(encoded, 1, encoded.length));
    }

    private static ECPoint decompressKey(BigInteger bigInteger, boolean z) {
        X9IntegerConverter x9IntegerConverter = new X9IntegerConverter();
        byte[] integerToBytes = x9IntegerConverter.integerToBytes(bigInteger, 1 + x9IntegerConverter.getByteLength(CURVE.getCurve()));
        integerToBytes[0] = (byte) (z ? 3 : 2);
        return CURVE.getCurve().decodePoint(integerToBytes);
    }

    public static BigInteger publicKeyFromPrivate(BigInteger bigInteger) {
        byte[] encoded = publicPointFromPrivate(bigInteger).getEncoded(false);
        return new BigInteger(1, Arrays.copyOfRange(encoded, 1, encoded.length));
    }

    public static ECPoint publicPointFromPrivate(BigInteger bigInteger) {
        if (bigInteger.bitLength() > CURVE.getN().bitLength()) {
            bigInteger = bigInteger.mod(CURVE.getN());
        }
        return new FixedPointCombMultiplier().multiply(CURVE.getG(), bigInteger);
    }
}
