package com.fshows.util.fnefpay.gm;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PublicKey;
import java.util.Arrays;
import shaded.org.bouncycastle.asn1.ASN1Integer;
import shaded.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import shaded.org.bouncycastle.asn1.ASN1Sequence;
import shaded.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import shaded.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import shaded.org.bouncycastle.asn1.x509.Certificate;
import shaded.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import shaded.org.bouncycastle.crypto.params.ECDomainParameters;
import shaded.org.bouncycastle.crypto.params.ECPublicKeyParameters;
import shaded.org.bouncycastle.math.ec.ECPoint;
import shaded.org.bouncycastle.util.encoders.Base64;
import shaded.org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:com/fshows/util/fnefpay/gm/X509Cert_SM2.class */
public class X509Cert_SM2 {
    private static final byte[] headBytes = "-----BEGIN CERTIFICATE-----".getBytes();
    private static final int headLength = headBytes.length;
    private static final byte[] endBytes = "-----END CERTIFICATE-----".getBytes();
    private static final int endLength = endBytes.length;
    private final Certificate cert;
    private PublicKey publicKey;

    public X509Cert_SM2(byte[] bArr) throws Exception {
        this(certFrom(bArr), 0);
    }

    public X509Cert_SM2(String str) throws Exception {
        this(certFrom(str), 0);
    }

    private static final Certificate certFrom(String str) throws Exception {
        if (str == null) {
            throw new Exception("null not allowed for parameters@certFilePath");
        }
        try {
            return certFrom(read(str));
        } catch (IOException e) {
            throw e;
        }
    }

    X509Cert_SM2(Certificate certificate, int i) throws Exception {
        if (certificate == null) {
            throw new Exception("null not allowed for parameters@certificate");
        }
        this.cert = certificate;
    }

    private static final Certificate certFrom(byte[] bArr) throws Exception {
        try {
            byte[] filterPEMText = filterPEMText(bArr);
            if (!isDERSequence(filterPEMText) && !isBERSequence(filterPEMText)) {
                filterPEMText = Base64.decode(filterPEMText);
            }
            return Certificate.getInstance(ASN1Sequence.getInstance(filterPEMText));
        } catch (Exception e) {
            throw new Exception(e);
        }
    }

    public static final byte[] filterPEMText(byte[] bArr) {
        byte[] bArr2 = new byte[headLength];
        byte[] bArr3 = new byte[endLength];
        System.arraycopy(bArr, 0, bArr2, 0, headLength);
        boolean equals = Arrays.equals(bArr2, headBytes);
        if (equals) {
            bArr = deleteCRLF(bArr);
        }
        int length = bArr.length;
        System.arraycopy(bArr, length - endLength, bArr3, 0, endLength);
        boolean equals2 = Arrays.equals(bArr3, endBytes);
        int i = 0;
        int i2 = 0;
        byte[] bArr4 = null;
        if (equals && equals2) {
            i = headLength;
            i2 = (length - headLength) - endLength;
        } else if (!equals && equals2) {
            i = 0;
            i2 = length - endLength;
        } else if (!equals || equals2) {
            bArr4 = bArr;
        } else {
            i = headLength;
            i2 = length - headLength;
        }
        if (bArr4 == null) {
            bArr4 = new byte[i2];
            System.arraycopy(bArr, i, bArr4, 0, bArr4.length);
        }
        return bArr4;
    }

    public static byte[] deleteCRLF(byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (true) {
            byte read = (byte) byteArrayInputStream.read();
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            if (read != 10 && read != 13) {
                byteArrayOutputStream.write(read);
            }
        }
    }

    public Certificate getCert() {
        return this.cert;
    }

    public String getCertId() {
        return new BigInteger(this.cert.getSerialNumber().toString(), 10).toString(16);
    }

    public byte[] getPublicKey() {
        byte[] bytes = this.cert.getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
        byte[] bArr = new byte[64];
        if (bytes.length == 64) {
            System.arraycopy(bytes, 0, bArr, 0, 64);
        } else if (bytes.length == 65) {
            System.arraycopy(bytes, 1, bArr, 0, 64);
        } else {
            if (bytes.length != 66) {
                return null;
            }
            System.arraycopy(bytes, 2, bArr, 0, 64);
        }
        return bArr;
    }

    public byte[] getSourceData() throws IOException {
        return this.cert.getTBSCertificate().getEncoded("DER");
    }

    public byte[] getSignature() {
        return this.cert.getSignature().getBytes();
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.cert != null) {
            try {
                stringBuffer.append("\n SN: ");
                stringBuffer.append(this.cert.getSerialNumber().getValue().toString(16));
                stringBuffer.append("\n Issuer: ").append(this.cert.getIssuer());
                stringBuffer.append("\n Subject: ").append(this.cert.getSubject());
                stringBuffer.append("\n Validate: ");
                stringBuffer.append(this.cert.getStartDate());
                stringBuffer.append(", ");
                stringBuffer.append(this.cert.getEndDate());
                stringBuffer.append("\n SignatureAlgorithm: ");
                stringBuffer.append(this.cert.getSignatureAlgorithm().getAlgorithm().getId());
                stringBuffer.append("\n encoding: ");
                stringBuffer.append(Hex.toHexString(this.cert.getEncoded()));
                stringBuffer.append("\n signature: ");
                stringBuffer.append(Hex.toHexString(this.cert.getSignature().getBytes()));
            } catch (Exception e) {
                stringBuffer.append("dump cert detail failure: " + e.getMessage());
            }
        } else {
            stringBuffer.append("\n none content");
        }
        return stringBuffer.toString();
    }

    public static final byte[] read(String str) throws IOException {
        if (str == null) {
            throw new IllegalArgumentException("Illegal Argument: filePath");
        }
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            try {
                byte[] bArr = new byte[fileInputStream.available()];
                byte[] bArr2 = new byte[65536];
                int i = 0;
                while (true) {
                    int read = fileInputStream.read(bArr2, 0, bArr2.length);
                    if (read == -1) {
                        return bArr;
                    }
                    System.arraycopy(bArr2, 0, bArr, i, read);
                    i += read;
                }
            } catch (IOException e) {
                throw e;
            }
        } finally {
            fileInputStream.close();
        }
    }

    public static final boolean isBERSequence(byte[] bArr) throws Exception {
        if (bArr == null) {
            throw new Exception("encoding should not be null");
        }
        if (bArr.length < 4) {
            throw new Exception("encoding length less than 4");
        }
        if (bArr[0] != 48) {
            return false;
        }
        int i = 1 + 1;
        return (bArr[1] & 255) == 128 && bArr[bArr.length - 1] == 0 && bArr[bArr.length - 2] == 0;
    }

    public static final boolean isDERSequence(byte[] bArr) throws Exception {
        if (bArr == null) {
            throw new Exception("encoding should not be null");
        }
        if (bArr.length < 2) {
            throw new Exception("encoding length less than 4");
        }
        if (bArr[0] != 48) {
            return false;
        }
        int i = 1 + 1;
        int i2 = bArr[1] & 255;
        if (i2 == 128) {
            return false;
        }
        if (i2 > 127) {
            int i3 = i2 & 127;
            if (i3 > 4) {
                return false;
            }
            i2 = 0;
            for (int i4 = 0; i4 < i3; i4++) {
                int i5 = i;
                i++;
                i2 = (i2 << 8) + (bArr[i5] & 255);
            }
            if (i2 < 0) {
                return false;
            }
        }
        return bArr.length == i + i2;
    }

    public boolean isSm2CertType() {
        boolean z = false;
        ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier("1.2.156.197.1.301");
        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = X9ObjectIdentifiers.id_ecPublicKey;
        ASN1ObjectIdentifier aSN1ObjectIdentifier3 = new ASN1ObjectIdentifier("1.2.156.10197.1.301");
        ASN1ObjectIdentifier aSN1ObjectIdentifier4 = new ASN1ObjectIdentifier("1.2.156.10197.1.501");
        ASN1ObjectIdentifier aSN1ObjectIdentifier5 = new ASN1ObjectIdentifier("1.2.156.197.1.501");
        if (this.cert != null) {
            AlgorithmIdentifier algorithm = this.cert.getSubjectPublicKeyInfo().getAlgorithm();
            String id = algorithm.getAlgorithm().getId();
            if (id.equals(PKCSObjectIdentifiers.rsaEncryption.getId())) {
                z = 2;
            } else if (id.equals(aSN1ObjectIdentifier2.getId())) {
                ASN1ObjectIdentifier parameters = algorithm.getParameters();
                if (parameters != null && (parameters instanceof ASN1ObjectIdentifier)) {
                    ASN1ObjectIdentifier aSN1ObjectIdentifier6 = parameters;
                    if (aSN1ObjectIdentifier6.equals(aSN1ObjectIdentifier)) {
                        z = true;
                    } else if (aSN1ObjectIdentifier6.equals(aSN1ObjectIdentifier3)) {
                        z = true;
                    }
                }
                if (!z) {
                    String id2 = this.cert.getSignatureAlgorithm().getAlgorithm().getId();
                    if (id2.equals(aSN1ObjectIdentifier4.getId())) {
                        z = true;
                    } else if (id2.equals(aSN1ObjectIdentifier5.getId())) {
                        z = true;
                    }
                }
            }
        }
        return z;
    }

    public PublicKey getPubKey() throws Exception {
        if (this.publicKey == null) {
            this.publicKey = buildPublicKey(this.cert);
        }
        return this.publicKey;
    }

    public final PublicKey buildPublicKey(Certificate certificate) throws Exception {
        byte[] bytes = certificate.getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
        if (bytes == null || !(bytes.length == 64 || bytes.length == 65)) {
            throw new Exception("证书不正确");
        }
        int i = bytes.length == 65 ? 1 : 0;
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[32];
        System.arraycopy(bytes, i, bArr, 0, 32);
        System.arraycopy(bytes, i + 32, bArr2, 0, 32);
        return new SM2PublicKey(bArr, bArr2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean verify(PublicKey publicKey) throws Exception {
        boolean z;
        byte[] sourceData = getSourceData();
        byte[] signature = getSignature();
        if (sourceData == null || signature == null) {
            return false;
        }
        SM2PublicKey sM2PublicKey = (SM2PublicKey) publicKey;
        byte[] calcZ = sM2PublicKey.calcZ(null);
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(calcZ, 0, calcZ.length);
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[32];
        byte[] bArr3 = new byte[32];
        SM2_Result sM2_Result = new SM2_Result();
        if (signature.length == 64) {
            System.arraycopy(signature, 0, bArr2, 0, 32);
            System.arraycopy(signature, 32, bArr3, 0, 32);
        } else {
            if (signature.length <= 64) {
                return false;
            }
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(signature);
            ASN1Integer objectAt = aSN1Sequence.getObjectAt(0);
            ASN1Integer objectAt2 = aSN1Sequence.getObjectAt(1);
            bArr2 = SM2PublicKey.asUnsignedNByteArray(objectAt.getPositiveValue(), 32);
            bArr3 = SM2PublicKey.asUnsignedNByteArray(objectAt2.getPositiveValue(), 32);
        }
        sM3Digest.update(sourceData, 0, sourceData.length);
        sM3Digest.doFinal(bArr, 0);
        sM2_Result.r = new BigInteger(1, bArr2);
        sM2_Result.s = new BigInteger(1, bArr3);
        ECPoint q = sM2PublicKey.getQ();
        if (bArr == null || bArr.length != 32 || q == null || bArr2 == null || bArr3 == null) {
            z = false;
        } else {
            z = verifySignature(bArr, sM2_Result.r, sM2_Result.s, new ECPublicKeyParameters(q, SM2Params.sm2DomainParameters));
        }
        return z;
    }

    public static boolean verifySignature(byte[] bArr, BigInteger bigInteger, BigInteger bigInteger2, ECPublicKeyParameters eCPublicKeyParameters) {
        if (bArr == null) {
            throw new SecurityException("null not allowed for message");
        }
        if (bigInteger == null || bigInteger2 == null) {
            throw new SecurityException("null not allowed for r/s");
        }
        if (eCPublicKeyParameters == null) {
            throw new SecurityException("not Initialization");
        }
        if (!(eCPublicKeyParameters instanceof ECPublicKeyParameters)) {
            throw new SecurityException("key not ECPublicKeyParameters");
        }
        ECDomainParameters parameters = eCPublicKeyParameters.getParameters();
        BigInteger n = parameters.getN();
        if (bigInteger.compareTo(BigInteger.ONE) <= 0 || bigInteger.compareTo(n) > 0 || bigInteger2.compareTo(BigInteger.ONE) <= 0 || bigInteger2.compareTo(n) > 0) {
            return false;
        }
        BigInteger calculateE = calculateE(n, bArr);
        BigInteger mod = bigInteger.add(bigInteger2).mod(n);
        if (mod.equals(BigInteger.ZERO)) {
            return false;
        }
        ECPoint add = parameters.getG().multiply(bigInteger2).add(eCPublicKeyParameters.getQ().multiply(mod));
        if (add.isInfinity()) {
            return false;
        }
        return calculateE.add(add.normalize().getXCoord().toBigInteger()).mod(n).equals(bigInteger);
    }

    protected static BigInteger calculateE(BigInteger bigInteger, byte[] bArr) {
        BigInteger bigInteger2 = new BigInteger(1, bArr);
        int length = bArr.length * 8;
        int bitLength = bigInteger.bitLength();
        if (bitLength < length) {
            bigInteger2 = bigInteger2.shiftRight(length - bitLength);
        }
        return bigInteger2;
    }
}
