package cfca.sadk.tls.sun.security.ssl.sec;

import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM2PrivateKey;
import cfca.sadk.algorithm.sm2.SM2PublicKey;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cfca.sadk.org.bouncycastle.crypto.digests.SM3Digest;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import cfca.sadk.org.bouncycastle.math.ec.ECPoint;
import cfca.sadk.org.bouncycastle.util.BigIntegers;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;

/* loaded from: input_file:cfca/sadk/tls/sun/security/ssl/sec/SM2Signature.class */
public final class SM2Signature extends Signature {
    private static final Mechanism signAlg = new Mechanism("sm3WithSM2Encryption");
    private SM3Digest hash;
    private PublicKey publicKey;
    private PrivateKey privateKey;

    public SM2Signature(String str) {
        super(str);
        this.hash = new SM3Digest();
        this.publicKey = null;
        this.privateKey = null;
    }

    public static final SM2Signature newSignature() {
        return new SM2Signature(signAlg.getMechanismType());
    }

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
        SM2PublicKey sM2PublicKey;
        this.publicKey = null;
        this.privateKey = null;
        if (publicKey == null) {
            throw new InvalidKeyException("null publicKey");
        }
        this.hash.reset();
        if (publicKey instanceof SM2PublicKey) {
            sM2PublicKey = (SM2PublicKey) publicKey;
        } else {
            if (!(publicKey instanceof BCECPublicKey)) {
                throw new InvalidKeyException("invalid publicKey");
            }
            sM2PublicKey = new SM2PublicKey(publicKey.getEncoded());
        }
        byte[] zvalue = sM2PublicKey.getZvalue();
        this.hash.update(zvalue, 0, zvalue.length);
        this.publicKey = sM2PublicKey;
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        SM2PrivateKey sM2PrivateKey;
        this.publicKey = null;
        this.privateKey = null;
        if (privateKey == null) {
            throw new InvalidKeyException("null privateKey");
        }
        this.hash.reset();
        if (privateKey instanceof SM2PrivateKey) {
            sM2PrivateKey = (SM2PrivateKey) privateKey;
        } else {
            if (!(privateKey instanceof BCECPrivateKey)) {
                throw new InvalidKeyException("invalid privateKey");
            }
            BCECPrivateKey bCECPrivateKey = (BCECPrivateKey) privateKey;
            ECPoint normalize = bCECPrivateKey.getQ().normalize();
            sM2PrivateKey = new SM2PrivateKey(bCECPrivateKey.getD(), normalize.getAffineXCoord().toBigInteger(), normalize.getAffineYCoord().toBigInteger());
        }
        byte[] zvalue = sM2PrivateKey.getZvalue();
        this.hash.update(zvalue, 0, zvalue.length);
        this.privateKey = sM2PrivateKey;
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) throws SignatureException {
        this.hash.update(b);
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        this.hash.update(bArr, i, i2);
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() throws SignatureException {
        if (this.privateKey == null) {
            throw new SignatureException("null privateKey");
        }
        byte[] bArr = new byte[32];
        this.hash.doFinal(bArr, 0);
        byte[] bArr2 = null;
        if (this.privateKey instanceof SM2PrivateKey) {
            try {
                byte[] signByHash = CryptoFactory.singleton().session().signByHash(signAlg, this.privateKey, bArr);
                bArr2 = signByHash.length == 64 ? new ASN1SM2Signature(signByHash).getEncoded() : new ASN1SM2Signature(signByHash).getEncoded();
            } catch (PKIException e) {
                throw new SignatureException((Throwable) e);
            } catch (IOException e2) {
                throw new SignatureException(e2);
            } catch (SecurityException e3) {
                throw new SignatureException(e3);
            }
        }
        return bArr2;
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) throws SignatureException {
        if (bArr == null) {
            throw new SignatureException("null signData");
        }
        if (this.publicKey == null) {
            throw new SignatureException("null publicKey");
        }
        byte[] bArr2 = new byte[32];
        this.hash.doFinal(bArr2, 0);
        boolean z = false;
        if (this.publicKey instanceof SM2PublicKey) {
            try {
                Session session = CryptoFactory.singleton().session();
                if (bArr.length != 64) {
                    ASN1SM2Signature aSN1SM2Signature = new ASN1SM2Signature(bArr);
                    byte[] asUnsignedByteArray = BigIntegers.asUnsignedByteArray(32, aSN1SM2Signature.getR().getPositiveValue());
                    byte[] asUnsignedByteArray2 = BigIntegers.asUnsignedByteArray(32, aSN1SM2Signature.getS().getPositiveValue());
                    bArr = new byte[64];
                    System.arraycopy(asUnsignedByteArray, 0, bArr, 0, 32);
                    System.arraycopy(asUnsignedByteArray2, 0, bArr, 32, 32);
                }
                z = session.verifyByHash(signAlg, this.publicKey, bArr2, bArr);
            } catch (PKIException e) {
                e.printStackTrace();
                throw new SignatureException((Throwable) e);
            } catch (SecurityException e2) {
                throw new SignatureException(e2);
            }
        }
        return z;
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(String str, Object obj) throws InvalidParameterException {
    }

    @Override // java.security.SignatureSpi
    protected Object engineGetParameter(String str) throws InvalidParameterException {
        return null;
    }
}
