package cn.unitid.easypki.security;

import cn.unitid.a.a.a.d.i.m;
import cn.unitid.a.a.a.f.a.a;
import cn.unitid.a.a.a.f.a.b;
import cn.unitid.a.a.a.g.a.i;
import cn.unitid.easypki.provider.identifier.EPAlgorithmIdentifier;
import cn.unitid.easypki.security.ec.ECDomainParametersHelper;
import cn.unitid.easypki.security.sm2.SM2;
import cn.unitid.easypki.security.sm2.SM2Result;
import cn.unitid.easypki.security.sm3.SM3Digest;
import com.facebook.stetho.dumpapp.Framer;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.security.cert.Certificate;

/* loaded from: classes2.dex */
public class SM2Signature {
    private a privateKey;
    private b publicKey;
    private byte[] userID = {Framer.STDOUT_FRAME_PREFIX, Framer.STDERR_FRAME_PREFIX, 51, 52, 53, 54, 55, 56, Framer.STDOUT_FRAME_PREFIX, Framer.STDERR_FRAME_PREFIX, 51, 52, 53, 54, 55, 56};
    private int mode = 0;
    private SM3Digest sm3Digest = new SM3Digest();

    private byte[] calculateSignature(SM2 sm2, byte[] bArr) throws IOException {
        SM2Result sM2Result = new SM2Result();
        sm2.sm2Sign(bArr, this.privateKey.b(), sM2Result);
        return new cn.unitid.easypki.asn1.sm2.application.SM2Signature(sM2Result.r.toByteArray(), sM2Result.s.toByteArray()).toASN1Primitive().getEncoded();
    }

    public byte[] digestSign(byte[] bArr) throws SignatureException, InvalidKeyException {
        if (bArr == null) {
            throw new NullPointerException("digest should not be null.");
        }
        if (this.mode != 1) {
            throw new InvalidKeyException("please initialize private key first.");
        }
        try {
            return calculateSignature(new SM2(), bArr);
        } catch (Exception e) {
            throw new SignatureException("failed to sign data,error:" + e.getMessage(), e);
        }
    }

    public final String getAlgorithm() {
        return "1.2.156.10197.1.501";
    }

    public void initSign(a aVar) {
        if (aVar == null) {
            throw new NullPointerException("ECPrivateKey must not be null.");
        }
        this.privateKey = aVar;
        if (this.publicKey == null) {
            this.publicKey = new cn.unitid.a.a.a.e.b.a.a.b(EPAlgorithmIdentifier.SM2_ALGORITHM_OID, new m(ECDomainParametersHelper.getECPointG().a(this.privateKey.b()), ECDomainParametersHelper.getECDomainParameters()), ECDomainParametersHelper.getECParameterSpec(), cn.unitid.a.a.a.f.b.a.a);
        }
        i q2 = this.publicKey.getQ();
        this.sm3Digest.addId(q2.g().a(), q2.h().a(), this.userID);
        this.mode = 1;
    }

    public void initSign(a aVar, b bVar) {
        if (bVar == null) {
            throw new NullPointerException("ECPublicKey must not be null.");
        }
        this.publicKey = bVar;
        if (aVar == null) {
            throw new NullPointerException("ECPrivateKey must not be null.");
        }
        this.privateKey = aVar;
        i q2 = bVar.getQ();
        this.sm3Digest.addId(q2.g().a(), q2.h().a(), this.userID);
        this.mode = 1;
    }

    public void initUserID(String str) {
        if (str != null) {
            this.userID = str.getBytes();
        }
    }

    public void initVerify(b bVar) throws InvalidKeyException {
        if (bVar == null) {
            throw new NullPointerException("ECPublicKey should not be null.");
        }
        this.publicKey = bVar;
        i q2 = bVar.getQ();
        this.sm3Digest.addId(q2.g().a(), q2.h().a(), this.userID);
        this.mode = 2;
    }

    public void initVerify(Certificate certificate) throws InvalidKeyException {
        initVerify((b) certificate.getPublicKey());
    }

    public byte[] sign() throws SignatureException, InvalidKeyException {
        return sign(null);
    }

    public byte[] sign(cn.unitid.a.a.a.d.a aVar) throws SignatureException, InvalidKeyException {
        if (this.mode != 1) {
            throw new InvalidKeyException("please initialize private key first.");
        }
        SM2 sm2 = new SM2();
        sm2.presetTemporaryKeyPair(aVar);
        try {
            byte[] bArr = new byte[32];
            this.sm3Digest.doFinal(bArr, 0);
            return calculateSignature(sm2, bArr);
        } catch (Exception unused) {
            throw new SignatureException("failed to sign data");
        }
    }

    public void update(byte[] bArr) throws SignatureException {
        if (bArr == null) {
            throw new SignatureException("data cannot be null");
        }
        if (this.mode == 0) {
            throw new SignatureException("please initialize first.");
        }
        this.sm3Digest.update(bArr, 0, bArr.length);
    }

    public boolean verify(byte[] bArr) throws SignatureException, InvalidKeyException {
        cn.unitid.easypki.asn1.sm2.application.SM2Signature sM2Signature = cn.unitid.easypki.asn1.sm2.application.SM2Signature.getInstance(bArr);
        if (this.mode != 2) {
            throw new InvalidKeyException("please initialize certificate or public key first.");
        }
        SM2Result sM2Result = new SM2Result();
        try {
            byte[] bArr2 = new byte[32];
            this.sm3Digest.doFinal(bArr2, 0);
            new SM2().sm2Verify(bArr2, this.publicKey.getQ(), sM2Signature, sM2Result);
            return sM2Signature.getR().d().equals(sM2Result.R);
        } catch (Exception e) {
            throw new SignatureException("sign error: " + e.getMessage(), e);
        }
    }
}
