package cn.com.syan.jce.baseSpi;

import cn.com.syan.jce.implSpi.SDFKeyStoreSpi;
import cn.com.syan.jce.service.JceService;
import cn.com.syan.jce.service.impl.JceServiceImpl;
import cn.com.syan.jce.spec.SM2ParameterSpec;
import cn.com.syan.sdfapi.DCUtil;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.RandomDSAKCalculator;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.math.ec.ECMultiplier;
import org.bouncycastle.math.ec.FixedPointCombMultiplier;

/* loaded from: input_file:cn/com/syan/jce/baseSpi/SignatureBaseSpi.class */
public abstract class SignatureBaseSpi extends SignatureSpi {
    protected long ret;
    protected byte[] userId;
    protected PublicKey publicKey;
    protected PrivateKey privateKey;
    protected int keyIndex;
    protected boolean pinValidate;
    protected int hash_algorithm;
    private byte[] data = new byte[0];
    protected boolean external = false;
    protected JceService jceService = new JceServiceImpl();

    protected abstract byte[] sign(byte[] bArr) throws SignatureException;

    protected abstract boolean verify(byte[] bArr, byte[] bArr2) throws SignatureException;

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) {
        this.publicKey = publicKey;
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        this.privateKey = privateKey;
        String algorithm = privateKey.getAlgorithm();
        String[] split = algorithm.split("/");
        if (split.length > 1) {
            this.keyIndex = Integer.parseInt(split[1]);
            int accessPrivateKey = this.jceService.accessPrivateKey(privateKey, this.keyIndex, SDFKeyStoreSpi.PIN.getBytes(), SDFKeyStoreSpi.PIN.length());
            this.pinValidate = accessPrivateKey == 0;
            if (accessPrivateKey != 0) {
                throw new InvalidKeyException("PIN码认证失败");
            }
            return;
        }
        this.external = true;
        if (algorithm.equalsIgnoreCase("EC")) {
            try {
                ECPrivateKeyParameters eCPrivateKeyParameters = (ECKeyParameters) new ParametersWithRandom(convertPrivateKeyToParameters(convertPKCS8ToECPrivateKey(privateKey.getEncoded()))).getParameters();
                ECDomainParameters parameters = eCPrivateKeyParameters.getParameters();
                new RandomDSAKCalculator().init(parameters.getN(), CryptoServicesRegistrar.getSecureRandom());
                ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(createBasePointMultiplier().multiply(parameters.getG(), eCPrivateKeyParameters.getD()).normalize(), new ECDomainParameters(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()));
                ECDomainParameters parameters2 = eCPublicKeyParameters.getParameters();
                this.publicKey = new BCECPublicKey("EC", eCPublicKeyParameters, new ECParameterSpec(parameters2.getCurve(), parameters2.getG(), parameters2.getN(), parameters2.getH()), BouncyCastleProvider.CONFIGURATION);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            } catch (NoSuchProviderException e2) {
                e2.printStackTrace();
            } catch (InvalidKeySpecException e3) {
                e3.printStackTrace();
            }
        }
    }

    protected ECMultiplier createBasePointMultiplier() {
        return new FixedPointCombMultiplier();
    }

    public static ECPrivateKeyParameters convertPrivateKeyToParameters(BCECPrivateKey bCECPrivateKey) {
        ECParameterSpec parameters = bCECPrivateKey.getParameters();
        return new ECPrivateKeyParameters(bCECPrivateKey.getD(), new ECDomainParameters(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()));
    }

    public static BCECPrivateKey convertPKCS8ToECPrivateKey(byte[] bArr) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException {
        return KeyFactory.getInstance("EC", "BC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) throws SignatureException {
        byte[] bArr = {b};
        if (this.hash_algorithm != 0) {
            update(this.data);
        } else {
            this.data = DCUtil.addBytes(this.data, bArr);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // java.security.SignatureSpi
    public void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        byte[] byteSub = DCUtil.byteSub(bArr, i, i2);
        if (this.hash_algorithm != 0) {
            update(byteSub);
        } else {
            this.data = DCUtil.addBytes(this.data, byteSub);
        }
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() throws SignatureException {
        return sign(this.data);
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) throws SignatureException {
        return verify(this.data, bArr);
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(String str, Object obj) throws InvalidParameterException {
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidParameterException {
        if (algorithmParameterSpec instanceof SM2ParameterSpec) {
            this.userId = ((SM2ParameterSpec) algorithmParameterSpec).getID();
        }
    }

    @Override // java.security.SignatureSpi
    protected Object engineGetParameter(String str) throws InvalidParameterException {
        return null;
    }

    protected void update(byte[] bArr) throws SignatureException {
        if (this.ret != 0) {
            throw new SignatureException("杂凑失败，Error code：" + String.format("0x%2X", Long.valueOf(this.ret)));
        }
        this.ret = this.jceService.hashUpdate(bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] hashFinal() throws SignatureException {
        byte[] bArr = new byte[32];
        int[] iArr = {bArr.length};
        if (this.ret != 0) {
            throw new SignatureException("杂凑失败，Error code：" + String.format("0x%2X", Long.valueOf(this.ret)));
        }
        this.ret = this.jceService.hashFinal(bArr, iArr);
        return DCUtil.byteSub(bArr, 0, iArr[0]);
    }

    protected byte[] hash(int i, byte[] bArr, byte[] bArr2) throws SignatureException {
        return this.jceService.getHash(i, bArr, bArr2, this.publicKey);
    }

    protected void finalize() throws Throwable {
        this.jceService.closeSession();
        super.finalize();
    }
}
