package cn.gtmap.sdk.mybatis.plugin.utils;

import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.SM2Signer;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
import org.bouncycastle.jcajce.spec.OpenSSHPrivateKeySpec;
import org.bouncycastle.jcajce.spec.OpenSSHPublicKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.BigIntegers;

/* loaded from: input_file:cn/gtmap/sdk/mybatis/plugin/utils/SM2Util.class */
public class SM2Util {
    public static final String SM2_CURVE_NAME = "sm2p256v1";
    private static X9ECParameters x9ECParameters = GMNamedCurves.getByName(SM2_CURVE_NAME);
    private static ECDomainParameters ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());

    public static byte[] encrypt(byte[] bArr, byte[] bArr2, SM2Engine.Mode mode) {
        byte[] bArr3 = null;
        try {
            ECPublicKeyParameters decodePublicKeyParams = decodePublicKeyParams(bArr2);
            SM2Engine sM2Engine = new SM2Engine(mode);
            sM2Engine.init(true, new ParametersWithRandom(decodePublicKeyParams, new SecureRandom()));
            bArr3 = sM2Engine.processBlock(bArr, 0, bArr.length);
        } catch (Exception e) {
            System.out.println("SM2加密异常");
        }
        return bArr3;
    }

    public static byte[] decrypt(byte[] bArr, byte[] bArr2, SM2Engine.Mode mode) {
        byte[] bArr3 = null;
        try {
            ECPrivateKeyParameters decodePrivateKeyParams = decodePrivateKeyParams(bArr2);
            SM2Engine sM2Engine = new SM2Engine(mode);
            sM2Engine.init(false, decodePrivateKeyParams);
            bArr3 = sM2Engine.processBlock(bArr, 0, bArr.length);
        } catch (Exception e) {
            System.out.println("SM2解密异常");
        }
        return bArr3;
    }

    public static String sign(String str, String str2) {
        return HexUtil.encodeByteToHexStr(sign(HexUtil.decodeHexStrToByte(str), decodeSM2Key(str2)));
    }

    public static byte[] sign(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = null;
        try {
            SM2Signer sM2Signer = new SM2Signer();
            sM2Signer.init(true, decodePrivateKeyParams(bArr2));
            sM2Signer.update(bArr, 0, bArr.length);
            bArr3 = sM2Signer.generateSignature();
        } catch (Exception e) {
            System.out.println("SM2签名异常");
        }
        return bArr3;
    }

    public static boolean verify(String str, String str2, String str3) {
        return verify(HexUtil.decodeHexStrToByte(str), HexUtil.decodeHexStrToByte(str2), decodeSM2Key(str3));
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        boolean z = false;
        try {
            SM2Signer sM2Signer = new SM2Signer();
            sM2Signer.init(false, decodePublicKeyParams(bArr3));
            sM2Signer.update(bArr, 0, bArr.length);
            z = sM2Signer.verifySignature(bArr2);
        } catch (Exception e) {
            System.out.println("SM2验签异常");
        }
        return z;
    }

    public static boolean certVerify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            X509Certificate x509Certificate = (X509Certificate) new CertificateFactory().engineGenerateCertificate(new ByteArrayInputStream(bArr3));
            Signature signature = Signature.getInstance(x509Certificate.getSigAlgName(), "BC");
            signature.initVerify(x509Certificate);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e) {
            System.out.println("SM2证书验签异常");
            return false;
        }
    }

    public static SM2KeyPair generateHexKeyPair() {
        SM2KeyPair sM2KeyPair = new SM2KeyPair();
        KeyPair generateKeyPair = generateKeyPair();
        BCECPublicKey bCECPublicKey = generateKeyPair.getPublic();
        if (bCECPublicKey instanceof BCECPublicKey) {
            sM2KeyPair.setPublicKey(HexUtil.encodeByteToHexStr(bCECPublicKey.getQ().getEncoded(false)));
        }
        BCECPrivateKey bCECPrivateKey = generateKeyPair.getPrivate();
        if (bCECPrivateKey instanceof BCECPrivateKey) {
            sM2KeyPair.setPrivateKey(HexUtil.encodeByteToHexStr(bCECPrivateKey.getD().toByteArray()));
        }
        return sM2KeyPair;
    }

    public static SM2KeyPair generateBase64KeyPair() {
        SM2KeyPair sM2KeyPair = new SM2KeyPair();
        KeyPair generateKeyPair = generateKeyPair();
        if (generateKeyPair != null) {
            BCECPublicKey bCECPublicKey = generateKeyPair.getPublic();
            if (bCECPublicKey instanceof BCECPublicKey) {
                sM2KeyPair.setPublicKey(Base64.encodeBase64String(bCECPublicKey.getQ().getEncoded(false)));
            }
            BCECPrivateKey bCECPrivateKey = generateKeyPair.getPrivate();
            if (bCECPrivateKey instanceof BCECPrivateKey) {
                sM2KeyPair.setPrivateKey(Base64.encodeBase64String(bCECPrivateKey.getD().toByteArray()));
            }
        }
        return sM2KeyPair;
    }

    public static KeyPair generateKeyPair() {
        ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec(SM2_CURVE_NAME);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC");
            keyPairGenerator.initialize(eCGenParameterSpec, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            System.out.println("SM2生成秘钥对异常");
            return null;
        }
    }

    public static byte[] decodeSM2Key(String str) {
        if (StringUtils.isNotBlank(str)) {
            return HexUtil.isHex(str) ? HexUtil.decodeHexStrToByte(str) : Base64.decodeBase64(str);
        }
        return null;
    }

    public static ECPublicKeyParameters decodePublicKeyParams(byte[] bArr) {
        PublicKey generatePublic;
        if (bArr == null) {
            return null;
        }
        ECPublicKeyParameters eCPublicKeyParameters = null;
        try {
            eCPublicKeyParameters = new ECPublicKeyParameters(ecDomainParameters.getCurve().decodePoint(bArr), ecDomainParameters);
        } catch (Exception e) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance("EC", "BC");
                try {
                    generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(bArr));
                } catch (Exception e2) {
                    generatePublic = keyFactory.generatePublic(new OpenSSHPublicKeySpec(bArr));
                }
                eCPublicKeyParameters = ECUtil.generatePublicKeyParameter(generatePublic);
            } catch (Exception e3) {
                System.out.println("SM2获取公钥异常");
            }
        }
        return eCPublicKeyParameters;
    }

    public static ECPrivateKeyParameters decodePrivateKeyParams(byte[] bArr) {
        PrivateKey generatePrivate;
        if (bArr == null) {
            return null;
        }
        ECPrivateKeyParameters eCPrivateKeyParameters = null;
        try {
            eCPrivateKeyParameters = new ECPrivateKeyParameters(BigIntegers.fromUnsignedByteArray(bArr), ecDomainParameters);
        } catch (Exception e) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance("EC", "BC");
                try {
                    generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr));
                } catch (Exception e2) {
                    generatePrivate = keyFactory.generatePrivate(new OpenSSHPrivateKeySpec(bArr));
                }
                eCPrivateKeyParameters = ECUtil.generatePrivateKeyParameter(generatePrivate);
            } catch (Exception e3) {
                System.out.println("SM2获取私钥异常");
            }
        }
        return eCPrivateKeyParameters;
    }

    static {
        if (null == Security.getProvider("BC")) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
