package com.iartschool.app.iart_school.pay;

import android.text.TextUtils;
import android.util.Base64;
import com.iartschool.app.iart_school.utils.newblankj.LogUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Enumeration;
import java.util.regex.Pattern;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.sec.ECPrivateKey;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jcajce.spec.SM2ParameterSpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPrivateKeySpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes2.dex */
public class Sm2Util {
    private static final String DEFAULT_USERID = "1234567812345678";
    private static final int RS_LEN = 32;
    private static final String TAG = "Sm2Util";
    private static ECParameterSpec ecParameterSpec;
    private static X9ECParameters x9ECParameters;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class Asn1Sm2PriInfo {
        private AlgorithmIdentifier algId;
        private ASN1Set attributes;
        private ASN1OctetString privKey;

        private Asn1Sm2PriInfo(byte[] bArr) {
            Enumeration objects = ASN1Sequence.getInstance(bArr).getObjects();
            if (((ASN1Integer) objects.nextElement()).getValue().intValue() != 0) {
                throw new IllegalArgumentException("wrong version for private key info");
            }
            this.algId = AlgorithmIdentifier.getInstance(objects.nextElement());
            this.privKey = ASN1OctetString.getInstance(objects.nextElement());
            if (objects.hasMoreElements()) {
                this.attributes = ASN1Set.getInstance((ASN1TaggedObject) objects.nextElement());
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public BigInteger getDInt() {
            try {
                return ECPrivateKey.getInstance(ASN1Primitive.fromByteArray(this.privKey.getOctets())).getKey();
            } catch (Exception unused) {
                LogUtils.e(Sm2Util.TAG, "GetDInt failed. ", false);
                return null;
            }
        }
    }

    static {
        X9ECParameters byName = GMNamedCurves.getByName("sm2p256v1");
        x9ECParameters = byName;
        ecParameterSpec = new ECParameterSpec(byName.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
    }

    private Sm2Util() {
    }

    private static byte[] getCoding(byte[] bArr) {
        if (bArr.length == 64 || bArr.length == 65) {
            if (bArr.length == 64) {
                byte[] bArr2 = new byte[65];
                bArr2[0] = 4;
                for (int i = 1; i < 65; i++) {
                    bArr2[i] = bArr[i - 1];
                }
                bArr = bArr2;
            }
            return (byte[]) bArr.clone();
        }
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, new ASN1ObjectIdentifier("1.2.156.10197.1.301"));
        SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(bArr);
        if (!algorithmIdentifier.equals(subjectPublicKeyInfo.getAlgorithm())) {
            LogUtils.e(TAG, "Encode not valid, return null.", false);
            throw new SecurityException("encoded not valid");
        }
        byte[] bytes = subjectPublicKeyInfo.getPublicKeyData().getBytes();
        if (bytes.length == 65) {
            return bytes;
        }
        LogUtils.e(TAG, "Coding's length is not 65, it is {} now.", false);
        throw new SecurityException("encoded not valid");
    }

    private static BigInteger getDInt(byte[] bArr) {
        if (bArr.length == 32 || bArr.length == 33) {
            LogUtils.i(TAG, "return new BigInteger.", false);
            return new BigInteger(bArr);
        }
        LogUtils.i(TAG, "return ASN1 format.", false);
        return new Asn1Sm2PriInfo(bArr).getDInt();
    }

    private static BCECPrivateKey getPrivateKeyFromD(BigInteger bigInteger) {
        return new BCECPrivateKey("EC", new ECPrivateKeySpec(bigInteger, ecParameterSpec), BouncyCastleProvider.CONFIGURATION);
    }

    private static BCECPublicKey getPublickeyFromPublicKey(String str) {
        return new BCECPublicKey("EC", new ECPublicKeySpec(x9ECParameters.getCurve().decodePoint(getCoding(Hex.decode(str))), ecParameterSpec), BouncyCastleProvider.CONFIGURATION);
    }

    private static boolean isBase64Encode(byte[] bArr) {
        String str = new String(bArr, Charset.defaultCharset());
        if (str.length() % 4 != 0) {
            return false;
        }
        return Pattern.matches("^[a-zA-Z0-9/+]*={0,2}$", str);
    }

    private static byte[] rsAsn1ToPlainByteArray(byte[] bArr) throws IOException {
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(bArr);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(aSN1Sequence.getObjectAt(0));
        aSN1EncodableVector.add(aSN1Sequence.getObjectAt(1));
        return new DERSequence(aSN1EncodableVector).getEncoded();
    }

    private static byte[] rsPlainByteArrayToAsn1(byte[] bArr) throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (bArr.length == 64) {
            BigInteger bigInteger = new BigInteger(1, Arrays.copyOfRange(bArr, 0, 32));
            BigInteger bigInteger2 = new BigInteger(1, Arrays.copyOfRange(bArr, 32, 64));
            aSN1EncodableVector.add(new ASN1Integer(bigInteger));
            aSN1EncodableVector.add(new ASN1Integer(bigInteger2));
        } else {
            if (isBase64Encode(bArr)) {
                bArr = Hex.decode(bArr);
            }
            Enumeration objects = ((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject()).getObjects();
            BigInteger value = ((ASN1Integer) objects.nextElement()).getValue();
            BigInteger value2 = ((ASN1Integer) objects.nextElement()).getValue();
            aSN1EncodableVector.add(new ASN1Integer(value));
            aSN1EncodableVector.add(new ASN1Integer(value2));
        }
        return new DERSequence(aSN1EncodableVector).getEncoded(ASN1Encoding.DER);
    }

    public static String sign(String str, String str2) {
        if (!TextUtils.isEmpty(str)) {
            return sign(getPrivateKeyFromD(getDInt(Hex.decode(str))), str2);
        }
        LogUtils.e(TAG, "Private key is empty, default return null.", false);
        return null;
    }

    private static String sign(BCECPrivateKey bCECPrivateKey, String str) {
        if (TextUtils.isEmpty(str)) {
            LogUtils.e(TAG, "Source data is empty, default return null.", false);
            return null;
        }
        if (bCECPrivateKey == null) {
            LogUtils.e(TAG, "bcecPrivateKey is null, default return null.", false);
            return null;
        }
        try {
            String encodeToString = Base64.encodeToString(signSm3WithSm2(str.getBytes(StandardCharsets.UTF_8), DEFAULT_USERID.getBytes(StandardCharsets.UTF_8), bCECPrivateKey), 0);
            if (encodeToString == null) {
                return null;
            }
            return encodeToString.trim().replaceAll(System.getProperty("line.separator"), "");
        } catch (Exception e) {
            LogUtils.e(TAG, "SM2 sign failed. ", e, false);
            return null;
        }
    }

    private static byte[] signSm3WithSm2(byte[] bArr, byte[] bArr2, PrivateKey privateKey) throws IOException {
        return rsAsn1ToPlainByteArray(signSm3WithSm2Asn1Rs(bArr, bArr2, privateKey));
    }

    private static byte[] signSm3WithSm2Asn1Rs(byte[] bArr, byte[] bArr2, PrivateKey privateKey) {
        try {
            SM2ParameterSpec sM2ParameterSpec = new SM2ParameterSpec(bArr2);
            Signature signature = Signature.getInstance("SM3withSM2", BouncyCastleProvider.PROVIDER_NAME);
            signature.setParameter(sM2ParameterSpec);
            signature.initSign(privateKey, new SecureRandom());
            signature.update(bArr, 0, bArr.length);
            return signature.sign();
        } catch (InvalidAlgorithmParameterException unused) {
            LogUtils.e(TAG, "InvalidAlgorithmParameterException", false);
            return null;
        } catch (InvalidKeyException unused2) {
            LogUtils.e(TAG, "InvalidKeyException", false);
            return null;
        } catch (NoSuchAlgorithmException unused3) {
            LogUtils.e(TAG, "NoSuchAlgorithmException", false);
            return null;
        } catch (NoSuchProviderException unused4) {
            LogUtils.e(TAG, "NoSuchProviderException", false);
            return null;
        } catch (SignatureException unused5) {
            LogUtils.e(TAG, "SignatureException", false);
            return null;
        }
    }

    public static boolean verifySign(String str, String str2, String str3) {
        if (TextUtils.isEmpty(str)) {
            LogUtils.e(TAG, "PublicKey is empty, return default false.", false);
            return false;
        }
        if (TextUtils.isEmpty(str2)) {
            LogUtils.e(TAG, "Source data is empty, return default false. ", false);
            return false;
        }
        if (!TextUtils.isEmpty(str3)) {
            return verifySign(str, str2.getBytes(StandardCharsets.UTF_8), str3);
        }
        LogUtils.e(TAG, "sign data is empty, return default false. ", false);
        return false;
    }

    private static boolean verifySign(String str, byte[] bArr, String str2) {
        if (!TextUtils.isEmpty(str)) {
            return verifySign(getPublickeyFromPublicKey(str), bArr, str2);
        }
        LogUtils.e(TAG, "PublicKey is empty, return default false.", false);
        return false;
    }

    private static boolean verifySign(PublicKey publicKey, byte[] bArr, String str) {
        if (bArr == null) {
            LogUtils.e(TAG, "Source data is empty, return default false. ", false);
            return false;
        }
        if (TextUtils.isEmpty(str)) {
            LogUtils.e(TAG, "sign data is empty, return default false. ", false);
            return false;
        }
        if (publicKey == null) {
            LogUtils.e(TAG, "publicKey is null, return default false. ", false);
            return false;
        }
        try {
            return verifySm3WithSm2(bArr, DEFAULT_USERID.getBytes(StandardCharsets.UTF_8), Base64.decode(str, 0), publicKey);
        } catch (IOException e) {
            LogUtils.e(TAG, "Sm2 verify sign failed. ", e, false);
            return false;
        }
    }

    private static boolean verifySm3WithSm2(byte[] bArr, byte[] bArr2, byte[] bArr3, PublicKey publicKey) throws IOException {
        return verifySm3WithSm2Asn1Rs(bArr, bArr2, rsPlainByteArrayToAsn1(bArr3), publicKey);
    }

    private static boolean verifySm3WithSm2Asn1Rs(byte[] bArr, byte[] bArr2, byte[] bArr3, PublicKey publicKey) {
        try {
            SM2ParameterSpec sM2ParameterSpec = new SM2ParameterSpec(bArr2);
            Signature signature = Signature.getInstance("SM3withSM2", BouncyCastleProvider.PROVIDER_NAME);
            signature.setParameter(sM2ParameterSpec);
            signature.initVerify(publicKey);
            signature.update(bArr, 0, bArr.length);
            return signature.verify(bArr3);
        } catch (InvalidAlgorithmParameterException unused) {
            LogUtils.e(TAG, "InvalidAlgorithmParameterException", false);
            return false;
        } catch (InvalidKeyException unused2) {
            LogUtils.e(TAG, "InvalidKeyException", false);
            return false;
        } catch (NoSuchAlgorithmException unused3) {
            LogUtils.e(TAG, "NoSuchAlgorithmException", false);
            return false;
        } catch (NoSuchProviderException unused4) {
            LogUtils.e(TAG, "NoSuchProviderException", false);
            return false;
        } catch (SignatureException unused5) {
            LogUtils.e(TAG, "SignatureException", false);
            return false;
        }
    }
}
