package com.jd.blockchain.crypto.service.sm;

import com.jd.blockchain.crypto.AsymmetricCiphertext;
import com.jd.blockchain.crypto.AsymmetricEncryptionFunction;
import com.jd.blockchain.crypto.AsymmetricKeypair;
import com.jd.blockchain.crypto.Ciphertext;
import com.jd.blockchain.crypto.CryptoAlgorithm;
import com.jd.blockchain.crypto.CryptoException;
import com.jd.blockchain.crypto.CryptoKeyType;
import com.jd.blockchain.crypto.PrivKey;
import com.jd.blockchain.crypto.PubKey;
import com.jd.blockchain.crypto.SignatureDigest;
import com.jd.blockchain.crypto.SignatureFunction;
import com.jd.blockchain.crypto.utils.sm.SM2Utils;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;

/* loaded from: input_file:com/jd/blockchain/crypto/service/sm/SM2CryptoFunction.class */
public class SM2CryptoFunction implements AsymmetricEncryptionFunction, SignatureFunction {
    private static final CryptoAlgorithm SM2 = SMAlgorithm.SM2;
    private static final int ECPOINT_SIZE = 65;
    private static final int PRIVKEY_SIZE = 32;
    private static final int SIGNATUREDIGEST_SIZE = 64;
    private static final int HASHDIGEST_SIZE = 32;
    private static final int PUBKEY_LENGTH = 68;
    private static final int PRIVKEY_LENGTH = 35;
    private static final int SIGNATUREDIGEST_LENGTH = 66;

    public Ciphertext encrypt(PubKey pubKey, byte[] bArr) {
        byte[] rawKeyBytes = pubKey.getRawKeyBytes();
        if (rawKeyBytes.length != ECPOINT_SIZE) {
            throw new CryptoException("This key has wrong format!");
        }
        if (pubKey.getAlgorithm() != SM2.code()) {
            throw new CryptoException("The is not sm2 public key!");
        }
        return new AsymmetricCiphertext(SM2, SM2Utils.encrypt(bArr, rawKeyBytes));
    }

    public byte[] decrypt(PrivKey privKey, Ciphertext ciphertext) {
        byte[] rawKeyBytes = privKey.getRawKeyBytes();
        byte[] rawCiphertext = ciphertext.getRawCiphertext();
        if (rawKeyBytes.length != 32) {
            throw new CryptoException("This key has wrong format!");
        }
        if (privKey.getAlgorithm() != SM2.code()) {
            throw new CryptoException("This key is not SM2 private key!");
        }
        if (ciphertext.getAlgorithm() != SM2.code() || rawCiphertext.length < 97) {
            throw new CryptoException("This is not SM2 ciphertext!");
        }
        return SM2Utils.decrypt(rawCiphertext, rawKeyBytes);
    }

    public PubKey retrievePubKey(PrivKey privKey) {
        return new PubKey(SM2, SM2Utils.retrievePublicKey(privKey.getRawKeyBytes()));
    }

    public boolean supportPrivKey(byte[] bArr) {
        return bArr.length == PRIVKEY_LENGTH && CryptoAlgorithm.match(SM2, bArr) && bArr[2] == CryptoKeyType.PRIVATE.CODE;
    }

    public PrivKey resolvePrivKey(byte[] bArr) {
        if (supportPrivKey(bArr)) {
            return new PrivKey(bArr);
        }
        throw new CryptoException("privKeyBytes are invalid!");
    }

    public boolean supportPubKey(byte[] bArr) {
        return bArr.length == PUBKEY_LENGTH && CryptoAlgorithm.match(SM2, bArr) && bArr[2] == CryptoKeyType.PUBLIC.CODE;
    }

    public PubKey resolvePubKey(byte[] bArr) {
        if (supportPubKey(bArr)) {
            return new PubKey(bArr);
        }
        throw new CryptoException("pubKeyBytes are invalid!");
    }

    public boolean supportCiphertext(byte[] bArr) {
        return bArr.length >= 99 && CryptoAlgorithm.match(SM2, bArr);
    }

    public AsymmetricCiphertext resolveCiphertext(byte[] bArr) {
        if (supportCiphertext(bArr)) {
            return new AsymmetricCiphertext(bArr);
        }
        throw new CryptoException("ciphertextBytes are invalid!");
    }

    public SignatureDigest sign(PrivKey privKey, byte[] bArr) {
        byte[] rawKeyBytes = privKey.getRawKeyBytes();
        if (rawKeyBytes.length != 32) {
            throw new CryptoException("This key has wrong format!");
        }
        if (privKey.getAlgorithm() != SM2.code()) {
            throw new CryptoException("This key is not SM2 private key!");
        }
        return new SignatureDigest(SM2, SM2Utils.sign(bArr, rawKeyBytes));
    }

    public boolean verify(SignatureDigest signatureDigest, PubKey pubKey, byte[] bArr) {
        byte[] rawKeyBytes = pubKey.getRawKeyBytes();
        byte[] rawDigest = signatureDigest.getRawDigest();
        if (rawKeyBytes.length != ECPOINT_SIZE) {
            throw new CryptoException("This key has wrong format!");
        }
        if (pubKey.getAlgorithm() != SM2.code()) {
            throw new CryptoException("This key is not SM2 public key!");
        }
        if (signatureDigest.getAlgorithm() == SM2.code() && rawDigest.length == SIGNATUREDIGEST_SIZE) {
            return SM2Utils.verify(bArr, rawKeyBytes, rawDigest);
        }
        throw new CryptoException("This is not SM2 signature digest!");
    }

    public boolean supportDigest(byte[] bArr) {
        return bArr.length == SIGNATUREDIGEST_LENGTH && CryptoAlgorithm.match(SM2, bArr);
    }

    public SignatureDigest resolveDigest(byte[] bArr) {
        if (supportDigest(bArr)) {
            return new SignatureDigest(bArr);
        }
        throw new CryptoException("digestBytes are invalid!");
    }

    public CryptoAlgorithm getAlgorithm() {
        return SM2;
    }

    public AsymmetricKeypair generateKeypair() {
        AsymmetricCipherKeyPair generateKeyPair = SM2Utils.generateKeyPair();
        ECPrivateKeyParameters eCPrivateKeyParameters = generateKeyPair.getPrivate();
        ECPublicKeyParameters eCPublicKeyParameters = generateKeyPair.getPublic();
        byte[] byteArray = eCPrivateKeyParameters.getD().toByteArray();
        byte[] bArr = new byte[32];
        if (byteArray.length > 32) {
            System.arraycopy(byteArray, byteArray.length - 32, bArr, 0, 32);
        } else {
            System.arraycopy(byteArray, 0, bArr, 32 - byteArray.length, byteArray.length);
        }
        return new AsymmetricKeypair(new PubKey(SM2, eCPublicKeyParameters.getQ().getEncoded(false)), new PrivKey(SM2, bArr));
    }
}
