package cfca.sadk.tls.pure.impl;

import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.sm2.SM2PrivateKey;
import cfca.sadk.algorithm.sm2.SM2PublicKey;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.sm.GMTKey;
import cfca.sadk.tls.pure.CryptoException;
import cfca.sadk.tls.pure.ISignature;
import cfca.sadk.tls.sun.security.ssl.sec.CryptoFactory;
import java.security.PrivateKey;
import java.security.PublicKey;

/* loaded from: input_file:cfca/sadk/tls/pure/impl/SM2Signature.class */
public final class SM2Signature implements ISignature {
    private static final Mechanism signAlg = new Mechanism("sm3WithSM2Encryption");
    private GMTKey publicKey = null;
    private GMTKey privateKey = null;
    private final cfca.sadk.org.bouncycastle.crypto.digests.SM3Digest hash = new cfca.sadk.org.bouncycastle.crypto.digests.SM3Digest();

    @Override // cfca.sadk.tls.pure.ISignature
    public void initSign(PrivateKey privateKey) throws CryptoException {
        GMTKey form = SM2Helper.form(privateKey);
        byte[] defaultZ = form.getDefaultZ();
        this.hash.reset();
        this.hash.update(defaultZ, 0, defaultZ.length);
        this.privateKey = form;
    }

    @Override // cfca.sadk.tls.pure.ISignature
    public void initVerify(PublicKey publicKey) throws CryptoException {
        GMTKey form = SM2Helper.form(publicKey);
        byte[] defaultZ = form.getDefaultZ();
        this.hash.reset();
        this.hash.update(defaultZ, 0, defaultZ.length);
        this.publicKey = form;
    }

    @Override // cfca.sadk.tls.pure.ISignature
    public int update(byte[] bArr) throws CryptoException {
        if (bArr != null) {
            this.hash.update(bArr, 0, bArr.length);
        }
        if (bArr == null) {
            return 0;
        }
        return bArr.length;
    }

    @Override // cfca.sadk.tls.pure.ISignature
    public int update(byte[] bArr, int i, int i2) throws CryptoException {
        int i3 = 0;
        if (bArr != null && bArr.length > i) {
            int length = bArr.length - i;
            i3 = length > i2 ? i2 : length;
            this.hash.update(bArr, i, i3);
        }
        return i3;
    }

    @Override // cfca.sadk.tls.pure.ISignature
    public int update(byte b) throws CryptoException {
        this.hash.update(b);
        return 1;
    }

    @Override // cfca.sadk.tls.pure.ISignature
    public byte[] sign() throws CryptoException {
        if (this.privateKey == null) {
            throw new CryptoException("privateKey not inited");
        }
        if (!(this.privateKey instanceof SM2PrivateKey)) {
            throw new CryptoException("privateKey not SM2PrivateKey");
        }
        try {
            Session session = CryptoFactory.singleton().session();
            byte[] bArr = new byte[32];
            this.hash.doFinal(bArr, 0);
            byte[] signByHash = session.signByHash(signAlg, this.privateKey, bArr);
            if (signByHash.length == 64) {
                signByHash = new ASN1SM2Signature(signByHash).getEncoded();
            }
            return signByHash;
        } catch (Exception e) {
            throw new CryptoException("sign failed", e);
        }
    }

    @Override // cfca.sadk.tls.pure.ISignature
    public boolean verify(byte[] bArr) throws CryptoException {
        if (this.publicKey == null) {
            throw new CryptoException("publicKey not inited");
        }
        if (bArr == null) {
            throw new CryptoException("signValue==null");
        }
        if (!(this.publicKey instanceof SM2PublicKey)) {
            throw new CryptoException("publicKey not SM2PublicKey");
        }
        try {
            Session session = CryptoFactory.singleton().session();
            if (bArr.length != 64) {
                bArr = new ASN1SM2Signature(bArr).getRSRaw64Bytes();
            }
            byte[] bArr2 = new byte[32];
            this.hash.doFinal(bArr2, 0);
            return session.verifyByHash(signAlg, this.publicKey, bArr2, bArr);
        } catch (Exception e) {
            throw new CryptoException("verify failed", e);
        }
    }
}
