package com.alipay.mychain.sdk.crypto.signer;

import com.alipay.mychain.sdk.crypto.AlgoIdEnum;
import com.alipay.mychain.sdk.crypto.CryptoUtils;
import com.alipay.mychain.sdk.crypto.keypair.KeyTypeEnum;
import com.alipay.mychain.sdk.crypto.keypair.Keypair;
import com.alipay.mychain.sdk.errorcode.ErrorCode;
import com.alipay.mychain.sdk.exception.MychainSdkException;
import java.math.BigInteger;
import java.util.Arrays;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.math.ec.custom.sec.SecP256R1Curve;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:com/alipay/mychain/sdk/crypto/signer/EccR1SignerV1.class */
public class EccR1SignerV1 implements SignerBase {
    private static final X9ECParameters CURVE_PARAMS = CustomNamedCurves.getByName("secp256r1");
    private static final ECCurve CURVE4ORDER = new SecP256R1Curve();
    private static final ECDomainParameters CURVE = new ECDomainParameters(CURVE_PARAMS.getCurve(), CURVE_PARAMS.getG(), CURVE_PARAMS.getN(), CURVE_PARAMS.getH());
    private byte[] privateKey;
    private byte[] publicKey;

    public EccR1SignerV1(Keypair keypair) {
        if (keypair == null) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "keypair is null!");
        }
        if (keypair.getType() != KeyTypeEnum.KEY_ECCR1_PKCS8) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "invalid key type!");
        }
        byte[] pubkeyId = keypair.getPubkeyId();
        byte[] privkeyId = keypair.getPrivkeyId();
        if (!ArrayUtils.isEmpty(pubkeyId)) {
            this.publicKey = getPubkeyFromId(pubkeyId);
        }
        if (ArrayUtils.isEmpty(privkeyId)) {
            return;
        }
        if (privkeyId.length != 32) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "need private key size 32 but " + privkeyId.length);
        }
        this.privateKey = ArrayUtils.clone(privkeyId);
        if (ArrayUtils.isEmpty(pubkeyId)) {
            this.publicKey = getPubKeyByPrivkey(privkeyId);
        }
    }

    public static void main(String[] strArr) {
        EccR1SignerV1 eccR1SignerV1 = new EccR1SignerV1(new Keypair(Hex.decode("0002045eb3bd920d8f1a9f55b4bca76cb74112caeaa86cebc75673269f32171a239d7dac6f7b6939f0fa86f84a9f327027bd86224a8396997412257b6d6931f0f16940"), Hex.decode("00023d0a5447543665185e98c28e6e06573ec8050d9320a10d91b2f3dbcccf52e17c")));
        byte[] sign = eccR1SignerV1.sign(Hex.decode("2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824"));
        System.out.println(Hex.toHexString(sign));
        eccR1SignerV1.verify(sign, Hex.decode("2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824"));
        System.out.println("end");
    }

    @Override // com.alipay.mychain.sdk.crypto.signer.SignerBase
    public AlgoIdEnum getAlgo() {
        return AlgoIdEnum.SIGNER_ECCR1_LOCAL_V1;
    }

    @Override // com.alipay.mychain.sdk.crypto.signer.SignerBase
    public boolean isSigner() {
        return !ArrayUtils.isEmpty(this.privateKey);
    }

    @Override // com.alipay.mychain.sdk.crypto.signer.SignerBase
    public boolean isVerifier() {
        return !ArrayUtils.isEmpty(this.publicKey);
    }

    @Override // com.alipay.mychain.sdk.crypto.signer.SignerBase
    public byte[] sign(byte[] bArr) {
        if (ArrayUtils.isEmpty(bArr) || bArr.length != 32) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "need hash size 32 but " + (ArrayUtils.isEmpty(bArr) ? 0 : bArr.length));
        }
        if (!isSigner()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PRIVATE_KEY, "no private key");
        }
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(true, new ECPrivateKeyParameters(new BigInteger(1, this.privateKey), CURVE));
        BigInteger[] generateSignature = eCDSASigner.generateSignature(bArr);
        BigInteger order = CURVE4ORDER.getOrder();
        if (generateSignature[1].compareTo(order.divide(BigInteger.valueOf(2L))) > 0) {
            generateSignature[1] = order.subtract(generateSignature[1]);
        }
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new ASN1Integer(generateSignature[0]));
            aSN1EncodableVector.add(new ASN1Integer(generateSignature[1]));
            byte[] encoded = new DERSequence(aSN1EncodableVector).getEncoded();
            byte[] bArr2 = new byte[encoded.length + 6];
            System.arraycopy(getAlgo().toBytes(), 0, bArr2, 0, 2);
            byte[] bArr3 = new byte[67];
            System.arraycopy(KeyTypeEnum.KEY_ECCR1_PKCS8.toBytes(), 0, bArr3, 0, 2);
            bArr3[2] = 4;
            System.arraycopy(this.publicKey, 0, bArr3, 3, 64);
            System.arraycopy(CryptoUtils.getPubkeyFp(bArr3), 0, bArr2, 2, 4);
            System.arraycopy(encoded, 0, bArr2, 6, encoded.length);
            return bArr2;
        } catch (Exception e) {
            throw new MychainSdkException(ErrorCode.OTHERS, ExceptionUtils.getStackTrace(e));
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.signer.SignerBase
    public boolean verify(byte[] bArr, byte[] bArr2) {
        if (bArr2.length != 32) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "need msg size 32 but " + (ArrayUtils.isEmpty(bArr2) ? 0 : bArr2.length));
        }
        if (!isVerifier()) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "no pub key");
        }
        if (!AlgoIdEnum.valueOf(bArr).equals(AlgoIdEnum.SIGNER_ECCR1_LOCAL_V1)) {
            throw new MychainSdkException(ErrorCode.SDK_SIGN_TOOL_VERIFY_ERROR, "algo no match");
        }
        byte[] bArr3 = new byte[bArr.length - 6];
        System.arraycopy(bArr, 6, bArr3, 0, bArr.length - 6);
        byte[] bArr4 = this.publicKey;
        ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(CURVE.getCurve().createPoint(new BigInteger(1, Arrays.copyOfRange(bArr4, 0, 32)), new BigInteger(1, Arrays.copyOfRange(bArr4, 32, 64))), CURVE);
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(false, eCPublicKeyParameters);
        try {
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(bArr3);
            return eCDSASigner.verifySignature(bArr2, aSN1Sequence.getObjectAt(0).getValue(), aSN1Sequence.getObjectAt(1).getValue());
        } catch (Exception e) {
            throw new MychainSdkException(ErrorCode.SDK_SIGN_TOOL_VERIFY_ERROR, ExceptionUtils.getStackTrace(e));
        }
    }

    @Override // com.alipay.mychain.sdk.crypto.signer.SignerBase
    public byte[] recover(byte[] bArr, byte[] bArr2) {
        return new byte[0];
    }

    private byte[] getPubkeyFromId(byte[] bArr) {
        if (bArr.length != 64 && bArr.length != 65) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "need public key size 64 or 65 but " + bArr.length);
        }
        if (bArr.length == 64) {
            return ArrayUtils.clone(bArr);
        }
        if (bArr[0] != 4) {
            throw new MychainSdkException(ErrorCode.SDK_INVALID_PARAMETER, "65 bytes public key need start by 04");
        }
        return Arrays.copyOfRange(bArr, 1, 65);
    }

    private byte[] getPubKeyByPrivkey(byte[] bArr) {
        byte[] encoded = CryptoUtils.publicPointFromPrivate(CURVE, new BigInteger(1, bArr)).getEncoded(false);
        return Arrays.copyOfRange(encoded, 1, encoded.length);
    }
}
