package cn.com.duiba.quanyi.center.api.utils.sm;

import cn.hutool.core.codec.Base62;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.spec.AlgorithmParameterSpec;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/com/duiba/quanyi/center/api/utils/sm/SM2Util.class */
public class SM2Util {
    private static final Logger log = LoggerFactory.getLogger(SM2Util.class);
    public static ThreadLocal<Signature> signature = ThreadLocal.withInitial(() -> {
        try {
            return Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), "BC");
        } catch (Exception e) {
            log.error("genSignature", e);
            throw new RuntimeException(e);
        }
    });

    public static KeyPair createKeyPair() {
        X9ECParameters byName = GMNamedCurves.getByName("sm2p256v1");
        AlgorithmParameterSpec eCNamedCurveParameterSpec = new ECNamedCurveParameterSpec(GMObjectIdentifiers.sm2p256v1.toString(), byName.getCurve(), byName.getG(), byName.getN());
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC");
            keyPairGenerator.initialize(eCNamedCurveParameterSpec, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            log.warn("createKeyPair fail", e);
            throw new RuntimeException(e);
        }
    }

    private static String sign(PrivateKey privateKey, String str) {
        try {
            signature.get().initSign(privateKey);
            signature.get().update(str.getBytes());
            return Base62.encode(signature.get().sign());
        } catch (Exception e) {
            log.error("sign fail", e);
            throw new RuntimeException(e);
        }
    }

    public static String sign(String str, String str2) {
        try {
            return sign(BouncyCastleProvider.getPrivateKey(PrivateKeyInfo.getInstance(Base62.decode(str))), str2);
        } catch (Exception e) {
            log.error("sign fail", e);
            throw new RuntimeException(e);
        }
    }

    private static boolean verifySign(PublicKey publicKey, String str, String str2) {
        try {
            signature.get().initVerify(publicKey);
            signature.get().update(str2.getBytes());
            return signature.get().verify(Base62.decode(str));
        } catch (Exception e) {
            log.error("sign fail", e);
            throw new RuntimeException(e);
        }
    }

    public static boolean verifySign(String str, String str2, String str3) {
        try {
            return verifySign(BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(Base62.decode(str))), str2, str3);
        } catch (Exception e) {
            log.error("verifySign fail", e);
            throw new RuntimeException(e);
        }
    }

    public static void main(String[] strArr) {
        KeyPair createKeyPair = createKeyPair();
        String encode = Base62.encode(createKeyPair.getPrivate().getEncoded());
        System.out.println("SM2私钥:（签名方请自行保存）");
        System.out.println(encode);
        String encode2 = Base62.encode(createKeyPair.getPublic().getEncoded());
        System.out.println("SM2公钥:（请提供给验签方）");
        System.out.println(encode2);
        System.out.println("签名前数据src：test23456789034567");
        String sign = sign(encode, "test23456789034567");
        System.out.println("签名sign：" + sign);
        System.out.println("验签结果：" + verifySign(encode2, sign, "test23456789034567"));
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
