package com.fshows.util.fjnx;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Objects;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.ECNamedDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi;
import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPrivateKeySpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/fshows/util/fjnx/SM2Utils.class */
public class SM2Utils {
    private static final String EC = "EC";
    private static final Logger log = LoggerFactory.getLogger(SM2Utils.class);
    private static final Base64.Encoder BASE64_ENCODER = Base64.getEncoder();
    private static final Base64.Decoder BASE64_DECODER = Base64.getDecoder();
    private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();

    public static SM2KeyPair<byte[], BigInteger> genKeyPair() {
        return genKeyPair(false);
    }

    public static SM2KeyPair<byte[], BigInteger> genKeyPair(boolean z) {
        KeyPairGeneratorSpi.EC ec = new KeyPairGeneratorSpi.EC();
        X9ECParameters byOID = GMNamedCurves.getByOID(GMObjectIdentifiers.sm2p256v1);
        ec.initialize(new ECParameterSpec(byOID.getCurve(), byOID.getG(), byOID.getN()), new SecureRandom());
        KeyPair generateKeyPair = ec.generateKeyPair();
        return new SM2KeyPair<>(generateKeyPair.getPublic().getQ().getEncoded(z), generateKeyPair.getPrivate().getD());
    }

    public static SM2KeyPair<String, String> genKeyPairAsHex() {
        return genKeyPairAsHex(false);
    }

    public static SM2KeyPair<String, String> genKeyPairAsHex(boolean z) {
        SM2KeyPair<byte[], BigInteger> genKeyPair = genKeyPair(z);
        return new SM2KeyPair<>(Hex.toHexString(genKeyPair.getPublic()), genKeyPair.getPrivate().toString(16));
    }

    public static SM2KeyPair<String, String> genKeyPairAsBase64() {
        return genKeyPairAsBase64(false);
    }

    public static SM2KeyPair<String, String> genKeyPairAsBase64(boolean z) {
        SM2KeyPair<byte[], BigInteger> genKeyPair = genKeyPair(z);
        return new SM2KeyPair<>(BASE64_ENCODER.encodeToString(genKeyPair.getPublic()), BASE64_ENCODER.encodeToString(genKeyPair.getPrivate().toByteArray()));
    }

    public static byte[] encrypt(byte[] bArr, byte[] bArr2) {
        return encrypt(bArr, bArr2, SM2Engine.Mode.C1C3C2);
    }

    public static byte[] encrypt(byte[] bArr, byte[] bArr2, SM2Engine.Mode mode) {
        ASN1ObjectIdentifier aSN1ObjectIdentifier = GMObjectIdentifiers.sm2p256v1;
        X9ECParameters byOID = GMNamedCurves.getByOID(aSN1ObjectIdentifier);
        ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(byOID.getCurve().decodePoint(bArr), new ECNamedDomainParameters(aSN1ObjectIdentifier, byOID.getCurve(), byOID.getG(), byOID.getN()));
        SM2Engine sM2Engine = new SM2Engine(mode);
        sM2Engine.init(true, new ParametersWithRandom(eCPublicKeyParameters, new SecureRandom()));
        return sM2Engine.processBlock(bArr2, 0, bArr2.length);
    }

    public static String encryptHex(String str, String str2) {
        return encryptHex(str, str2, SM2Engine.Mode.C1C3C2);
    }

    public static String encryptHex(String str, String str2, SM2Engine.Mode mode) {
        return Hex.toHexString(encrypt(Hex.decode(str), str2.getBytes(StandardCharsets.UTF_8), mode));
    }

    public static String encryptBase64(String str, String str2) {
        return encryptBase64(str, str2, SM2Engine.Mode.C1C3C2);
    }

    public static String encryptBase64(String str, String str2, SM2Engine.Mode mode) {
        return BASE64_ENCODER.encodeToString(encrypt(BASE64_DECODER.decode(str), str2.getBytes(StandardCharsets.UTF_8), mode));
    }

    public static byte[] decrypt(BigInteger bigInteger, byte[] bArr) {
        return decrypt(bigInteger, bArr, SM2Engine.Mode.C1C3C2);
    }

    public static byte[] decrypt(BigInteger bigInteger, byte[] bArr, SM2Engine.Mode mode) {
        ASN1ObjectIdentifier aSN1ObjectIdentifier = GMObjectIdentifiers.sm2p256v1;
        X9ECParameters byOID = GMNamedCurves.getByOID(aSN1ObjectIdentifier);
        ECPrivateKeyParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(bigInteger, new ECNamedDomainParameters(aSN1ObjectIdentifier, byOID.getCurve(), byOID.getG(), byOID.getN()));
        SM2Engine sM2Engine = new SM2Engine(mode);
        sM2Engine.init(false, eCPrivateKeyParameters);
        if (bArr[0] == 4) {
            return sM2Engine.processBlock(bArr, 0, bArr.length);
        }
        byte[] bArr2 = new byte[bArr.length + 1];
        bArr2[0] = 4;
        System.arraycopy(bArr, 0, bArr2, 1, bArr.length);
        return sM2Engine.processBlock(bArr2, 0, bArr2.length);
    }

    public static String decryptHex(String str, String str2) {
        return decryptHex(str, str2, SM2Engine.Mode.C1C3C2);
    }

    public static String decryptHex(String str, String str2, SM2Engine.Mode mode) {
        return new String(decrypt(new BigInteger(str, 16), Hex.decode(str2), mode), StandardCharsets.UTF_8);
    }

    public static String decryptBase64(String str, String str2) {
        return decryptBase64(str, str2, SM2Engine.Mode.C1C3C2);
    }

    public static String decryptBase64(String str, String str2, SM2Engine.Mode mode) {
        return new String(decrypt(new BigInteger(BASE64_DECODER.decode(str)), BASE64_DECODER.decode(str2), mode), StandardCharsets.UTF_8);
    }

    public static String sign(String str, BigInteger bigInteger) throws GeneralSecurityException {
        X9ECParameters byOID = GMNamedCurves.getByOID(GMObjectIdentifiers.sm2p256v1);
        PrivateKey bCECPrivateKey = new BCECPrivateKey(EC, new ECPrivateKeySpec(bigInteger, new ECParameterSpec(byOID.getCurve(), byOID.getG(), byOID.getN())), BouncyCastleProvider.CONFIGURATION);
        Signature signature = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), (Provider) PROVIDER);
        signature.initSign(bCECPrivateKey);
        signature.update(str.getBytes(StandardCharsets.UTF_8));
        return BASE64_ENCODER.encodeToString(signature.sign());
    }

    public static boolean verify(String str, String str2, byte[] bArr) throws GeneralSecurityException {
        X9ECParameters byOID = GMNamedCurves.getByOID(GMObjectIdentifiers.sm2p256v1);
        PublicKey bCECPublicKey = new BCECPublicKey(EC, new ECPublicKeySpec(byOID.getCurve().decodePoint(bArr), new ECParameterSpec(byOID.getCurve(), byOID.getG(), byOID.getN())), BouncyCastleProvider.CONFIGURATION);
        Signature signature = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), (Provider) PROVIDER);
        signature.initVerify(bCECPublicKey);
        signature.update(str.getBytes(StandardCharsets.UTF_8));
        return signature.verify(BASE64_DECODER.decode(str2));
    }

    public static boolean certVerify(String str, String str2, String str3) throws GeneralSecurityException {
        X509Certificate x509Certificate = (X509Certificate) new CertificateFactory().engineGenerateCertificate(new ByteArrayInputStream(BASE64_DECODER.decode(str)));
        Signature signature = Signature.getInstance(x509Certificate.getSigAlgName(), (Provider) PROVIDER);
        signature.initVerify(x509Certificate);
        signature.update(str2.getBytes(StandardCharsets.UTF_8));
        return signature.verify(BASE64_DECODER.decode(str3));
    }

    public static void main(String[] strArr) {
        SM2KeyPair<String, String> genKeyPairAsBase64 = genKeyPairAsBase64();
        log.debug("\n公钥 : {}\n私钥 : {}", genKeyPairAsBase64.getPublic(), genKeyPairAsBase64.getPrivate());
        String encryptBase64 = encryptBase64("046e0df2c1cf15f57f59dc3ee13aecc6d25efc4bacb2e503423b2119b60ce79a2b6bf57eca1bc76df9446f2b63ee56c2f8eb8e8dd7e072a6db037a5d8d66623f48", "123456");
        log.debug("\n加密 : {}\n解密 : {}", encryptBase64, decryptBase64("f2ad7ce861f362caf026725b3e9558c5477e7e0f55a476b1a2200d43425a0e1b", encryptBase64));
        try {
            String sign = sign("123456", new BigInteger(BASE64_DECODER.decode("f2ad7ce861f362caf026725b3e9558c5477e7e0f55a476b1a2200d43425a0e1b")));
            log.debug("\n签名 : {}\n验签 : {}", sign, Boolean.valueOf(verify("123456", sign, BASE64_DECODER.decode("046e0df2c1cf15f57f59dc3ee13aecc6d25efc4bacb2e503423b2119b60ce79a2b6bf57eca1bc76df9446f2b63ee56c2f8eb8e8dd7e072a6db037a5d8d66623f48"))));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    static {
        if (Objects.isNull(Security.getProvider("BC"))) {
            Security.addProvider(PROVIDER);
        }
    }
}
