package cn.com.syan.jcee.common.impl;

import cn.com.syan.jcee.common.impl.ecc.SM2Signature;
import cn.com.syan.jcee.common.impl.identifier.SparkAlgorithmIdentifier;
import cn.unitid.spark.cm.sdk.business.Algorithm;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import javax.crypto.Cipher;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.DigestInfo;
import org.spongycastle.jce.interfaces.ECPrivateKey;
import org.spongycastle.jce.interfaces.ECPublicKey;

/* loaded from: classes.dex */
public class SparkSignature {
    private static SparkSignature instance;
    private static String signatureAlgorithm;
    private boolean isSM2Signature;
    private Signature rsaSignature;
    private ECPublicKey sm2PublicKey;
    private SM2Signature sm2Signature;
    private PrivateKey rsaPrivateKey = null;
    private byte[] data = null;

    private SparkSignature() throws NoSuchAlgorithmException {
        this.sm2Signature = null;
        this.rsaSignature = null;
        if (!signatureAlgorithm.equalsIgnoreCase("ECDSASM2withSM3") && !signatureAlgorithm.equalsIgnoreCase("1.2.156.10197.1.501")) {
            this.rsaSignature = Signature.getInstance(signatureAlgorithm);
        } else {
            this.isSM2Signature = true;
            this.sm2Signature = new SM2Signature();
        }
    }

    private DigestInfo getDigestInfo(byte[] bArr) throws SignatureException {
        String str;
        if ("SHA1withRSA".equalsIgnoreCase(getAlgorithm())) {
            str = "1.3.14.3.2.26";
        } else if ("SHA256withRSA".equalsIgnoreCase(getAlgorithm())) {
            str = "2.16.840.1.101.3.4.2.1";
        } else if ("SHA384withRSA".equalsIgnoreCase(getAlgorithm())) {
            str = "2.16.840.1.101.3.4.2.2";
        } else if ("MD5_WITH_RSA".equalsIgnoreCase(getAlgorithm())) {
            str = "1.2.840.113549.2.5";
        } else {
            if (!"SHA512withRSA".equalsIgnoreCase(getAlgorithm())) {
                throw new SignatureException("目前不支持" + getAlgorithm() + "算法");
            }
            str = "2.16.840.1.101.3.4.2.3";
        }
        return new DigestInfo(new AlgorithmIdentifier(new ASN1ObjectIdentifier(str)), bArr);
    }

    public static SparkSignature getInstance(String str) throws NoSuchAlgorithmException {
        SparkSignature sparkSignature;
        if (!SparkAlgorithmIdentifier.hasAlgorithm(str)) {
            throw new NoSuchAlgorithmException("algorithm " + str + " is not supported");
        }
        String str2 = signatureAlgorithm;
        if (str2 != null && str2.equalsIgnoreCase(str) && (sparkSignature = instance) != null) {
            return sparkSignature;
        }
        synchronized (SparkSignature.class) {
            signatureAlgorithm = str;
            instance = new SparkSignature();
        }
        return instance;
    }

    public byte[] digestSign() throws SignatureException {
        return digestSign(false);
    }

    public byte[] digestSign(boolean z) throws SignatureException {
        if (this.isSM2Signature) {
            return this.sm2Signature.digestSign();
        }
        try {
            Cipher cipher = Cipher.getInstance(z ? SparkCipher.RSA_PKCS1PADDING : Algorithm.RSA);
            cipher.init(1, this.rsaPrivateKey);
            cipher.update(getDigestInfo(this.data).getEncoded());
            return cipher.doFinal();
        } catch (Exception e) {
            throw new SignatureException("签名失败，原因：" + e.getMessage());
        }
    }

    public final String getAlgorithm() {
        return signatureAlgorithm;
    }

    public void initSign(PrivateKey privateKey) throws InvalidKeyException {
        try {
            if (this.isSM2Signature) {
                this.sm2Signature.initSign((ECPrivateKey) privateKey);
            } else {
                this.rsaSignature.initSign(privateKey);
                this.rsaPrivateKey = privateKey;
            }
        } catch (Exception e) {
            throw new InvalidKeyException(e.getMessage());
        }
    }

    public void initUserID(String str) {
        if (!this.isSM2Signature || str == null) {
            return;
        }
        this.sm2Signature.initUserID(str);
    }

    public void initUserID(String str, ECPublicKey eCPublicKey) {
        if (this.isSM2Signature) {
            if (str != null) {
                this.sm2Signature.initUserID(str);
            }
            this.sm2PublicKey = eCPublicKey;
        }
    }

    public void initVerify(PublicKey publicKey) throws InvalidKeyException {
        if (this.isSM2Signature) {
            this.sm2Signature.initVerify((ECPublicKey) publicKey);
        } else {
            this.rsaSignature.initVerify(publicKey);
        }
    }

    public void initVerify(Certificate certificate) throws InvalidKeyException {
        if (this.isSM2Signature) {
            this.sm2Signature.initVerify(certificate);
        } else {
            this.rsaSignature.initVerify(certificate);
        }
    }

    public byte[] sign() throws SignatureException {
        if (!this.isSM2Signature) {
            return this.rsaSignature.sign();
        }
        ECPublicKey eCPublicKey = this.sm2PublicKey;
        if (eCPublicKey != null) {
            return this.sm2Signature.sign(eCPublicKey);
        }
        throw new InvalidParameterException("ECPublicKey should be initialized first.");
    }

    public byte[] sign(ECPublicKey eCPublicKey) throws SignatureException {
        if (this.isSM2Signature) {
            return this.sm2Signature.sign(eCPublicKey);
        }
        throw new InvalidParameterException("sm2 signature engine do not support rsa algorithm");
    }

    public void update(byte[] bArr) throws SignatureException {
        if (this.isSM2Signature) {
            this.sm2Signature.update(bArr);
        } else {
            this.rsaSignature.update(bArr);
            this.data = bArr;
        }
    }

    public void update(byte[] bArr, int i, int i2) throws SignatureException {
        byte[] bArr2 = new byte[i2];
        System.arraycopy(bArr, i, bArr2, 0, i2);
        if (this.isSM2Signature) {
            this.sm2Signature.update(bArr2);
        } else {
            this.rsaSignature.update(bArr2);
            this.data = bArr2;
        }
    }

    public boolean verify(byte[] bArr) throws SignatureException, InvalidKeyException {
        return this.isSM2Signature ? this.sm2Signature.verify(bArr) : this.rsaSignature.verify(bArr);
    }
}
