package org.openeuler;

import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import org.openeuler.gm.GMConstants;
import org.openeuler.org.bouncycastle.SM2ParameterSpec;
import org.openeuler.sun.security.ec.ECKeyFactory;
import org.openeuler.util.GMUtil;
import org.openeuler.util.Util;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
import sun.security.util.ECUtil;

/* loaded from: input_file:org/openeuler/SM2Signature.class */
public class SM2Signature extends SignatureSpi {
    private final MessageDigest digest;
    private ECPrivateKey privateKey;
    private ECPublicKey publicKey;
    private SM2ParameterSpec sigParams;
    private ECPoint pubPoint;

    /* loaded from: input_file:org/openeuler/SM2Signature$SM3withSM2.class */
    public static final class SM3withSM2 extends SM2Signature {
        public SM3withSM2() throws NoSuchAlgorithmException {
            super("SM3");
        }
    }

    SM2Signature(String str) {
        try {
            this.digest = MessageDigest.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw new ProviderException(e);
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
        this.publicKey = (ECPublicKey) ECKeyFactory.toECKey(publicKey);
        if (!isCompatible(this.sigParams, this.publicKey.getParams())) {
            throw new InvalidKeyException("Key params does not match signature params");
        }
        this.pubPoint = ((ECPublicKey) publicKey).getW();
        initZ(this.publicKey.getParams());
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        this.privateKey = (ECPrivateKey) ECKeyFactory.toECKey(privateKey);
        if (!isCompatible(this.sigParams, this.privateKey.getParams())) {
            throw new InvalidKeyException("Key params does not match signature params");
        }
        ECParameterSpec params = this.privateKey.getParams();
        this.pubPoint = GMUtil.multiply(params.getGenerator(), this.privateKey.getS(), params.getCurve());
        initZ(params);
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) throws SignatureException {
        this.digest.update(b);
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        this.digest.update(bArr, i, i2);
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() throws SignatureException {
        try {
            BigInteger bigInteger = new BigInteger(1, this.digest.digest());
            ECParameterSpec params = this.privateKey.getParams();
            BigInteger order = params.getOrder();
            BigInteger s = this.privateKey.getS();
            while (true) {
                BigInteger createRandomBigInteger = Util.createRandomBigInteger(order.bitLength(), this.appRandom);
                if (createRandomBigInteger.compareTo(BigInteger.ONE) >= 0 && createRandomBigInteger.compareTo(order) < 0) {
                    BigInteger mod = bigInteger.add(GMUtil.multiply(params.getGenerator(), createRandomBigInteger, params.getCurve()).getAffineX()).mod(order);
                    if (!mod.equals(BigInteger.ZERO) && !mod.add(createRandomBigInteger).equals(order)) {
                        BigInteger mod2 = s.add(BigInteger.ONE).modInverse(order).multiply(createRandomBigInteger.subtract(mod.multiply(s).mod(order)).mod(order)).mod(order);
                        if (!mod2.equals(BigInteger.ZERO)) {
                            return encodeSignature(mod, mod2);
                        }
                    }
                }
            }
        } catch (Exception e) {
            throw new SignatureException("unable to create signature: " + e.getMessage());
        }
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) throws SignatureException {
        try {
            ECParameterSpec params = this.publicKey.getParams();
            BigInteger order = params.getOrder();
            BigInteger[] decodeSignature = decodeSignature(order, bArr);
            BigInteger bigInteger = decodeSignature[0];
            BigInteger bigInteger2 = decodeSignature[1];
            if (bigInteger.compareTo(BigInteger.ZERO) <= 0 || bigInteger.compareTo(order) >= 0 || bigInteger2.compareTo(BigInteger.ZERO) <= 0 || bigInteger2.compareTo(order) >= 0) {
                return false;
            }
            BigInteger bigInteger3 = new BigInteger(1, this.digest.digest());
            BigInteger mod = bigInteger.add(bigInteger2).mod(order);
            if (mod.equals(BigInteger.ZERO)) {
                return false;
            }
            ECPoint add = GMUtil.add(GMUtil.multiply(params.getGenerator(), bigInteger2, params.getCurve()), GMUtil.multiply(this.pubPoint, mod, params.getCurve()));
            if (add.equals(ECPoint.POINT_INFINITY)) {
                return false;
            }
            return bigInteger3.add(add.getAffineX()).mod(order).equals(bigInteger);
        } catch (Exception e) {
            throw new SignatureException(e.getMessage());
        }
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected void engineSetParameter(String str, Object obj) throws InvalidParameterException {
        throw new UnsupportedOperationException("setParameter() not supported");
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
        if (!(algorithmParameterSpec instanceof SM2ParameterSpec)) {
            throw new InvalidAlgorithmParameterException("only SM2ParameterSpec supported");
        }
        this.sigParams = (SM2ParameterSpec) algorithmParameterSpec;
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected Object engineGetParameter(String str) throws InvalidParameterException {
        throw new UnsupportedOperationException("getParameter() not supported");
    }

    @Override // java.security.SignatureSpi
    protected AlgorithmParameters engineGetParameters() {
        if (this.sigParams == null || this.sigParams.getParams() == null) {
            return null;
        }
        try {
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(GMConstants.EC);
            algorithmParameters.init(this.sigParams.getParams());
            return algorithmParameters;
        } catch (Exception e) {
            throw new ProviderException("Error retrieving EC parameters", e);
        }
    }

    private byte[] getId() {
        byte[] bArr;
        if (this.appRandom == null) {
            this.appRandom = new SecureRandom();
        }
        if (this.sigParams == null || this.sigParams.getId() == null) {
            bArr = org.openeuler.constant.GMConstants.DEFAULT_ID;
        } else {
            bArr = this.sigParams.getId();
            if (bArr.length >= 8192) {
                throw new IllegalArgumentException("SM2 user ID must be less than 2^16 bits long");
            }
        }
        return bArr;
    }

    private byte[] getEntLen() {
        byte[] id = getId();
        return new byte[]{(byte) (((id.length * 8) >> 8) & 255), (byte) ((id.length * 8) & 255)};
    }

    private byte[] getZ(ECParameterSpec eCParameterSpec) {
        byte[] entLen = getEntLen();
        byte[] id = getId();
        int fieldSize = (eCParameterSpec.getCurve().getField().getFieldSize() + 7) / 8;
        this.digest.update(entLen);
        this.digest.update(id);
        this.digest.update(Util.asUnsignedByteArray(fieldSize, eCParameterSpec.getCurve().getA()));
        this.digest.update(Util.asUnsignedByteArray(fieldSize, eCParameterSpec.getCurve().getB()));
        this.digest.update(Util.asUnsignedByteArray(fieldSize, eCParameterSpec.getGenerator().getAffineX()));
        this.digest.update(Util.asUnsignedByteArray(fieldSize, eCParameterSpec.getGenerator().getAffineY()));
        this.digest.update(Util.asUnsignedByteArray(fieldSize, this.pubPoint.getAffineX()));
        this.digest.update(Util.asUnsignedByteArray(fieldSize, this.pubPoint.getAffineY()));
        return this.digest.digest();
    }

    private void initZ(ECParameterSpec eCParameterSpec) {
        this.digest.reset();
        byte[] z = getZ(eCParameterSpec);
        this.digest.reset();
        this.digest.update(z);
    }

    private byte[] encodeSignature(BigInteger bigInteger, BigInteger bigInteger2) throws IOException {
        DerOutputStream derOutputStream = new DerOutputStream();
        derOutputStream.putInteger(bigInteger);
        derOutputStream.putInteger(bigInteger2);
        return new DerValue((byte) 48, derOutputStream.toByteArray()).toByteArray();
    }

    private BigInteger[] decodeSignature(BigInteger bigInteger, byte[] bArr) throws SignatureException {
        try {
            DerInputStream derInputStream = new DerInputStream(bArr, 0, bArr.length, false);
            DerValue[] sequence = derInputStream.getSequence(2);
            if (sequence.length != 2 || derInputStream.available() != 0) {
                throw new IOException("Invalid encoding for signature");
            }
            BigInteger positiveBigInteger = sequence[0].getPositiveBigInteger();
            BigInteger positiveBigInteger2 = sequence[1].getPositiveBigInteger();
            if (positiveBigInteger.signum() < 0 || (null != bigInteger && positiveBigInteger.compareTo(bigInteger) >= 0)) {
                throw new IllegalArgumentException("Value out of range");
            }
            if (positiveBigInteger2.signum() < 0 || (null != bigInteger && positiveBigInteger2.compareTo(bigInteger) >= 0)) {
                throw new IllegalArgumentException("Value out of range");
            }
            return new BigInteger[]{positiveBigInteger, positiveBigInteger2};
        } catch (Exception e) {
            throw new SignatureException("Invalid encoding for signature", e);
        }
    }

    private static boolean isCompatible(SM2ParameterSpec sM2ParameterSpec, ECParameterSpec eCParameterSpec) {
        if (sM2ParameterSpec == null || sM2ParameterSpec.getParams() == null) {
            return true;
        }
        return ECUtil.equals(sM2ParameterSpec.getParams(), eCParameterSpec);
    }
}
