package org.xipki.security.pkcs11.emulator;

import java.io.IOException;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.DSAKCalculator;
import org.bouncycastle.crypto.signers.RandomDSAKCalculator;
import org.bouncycastle.math.ec.ECConstants;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.math.ec.FixedPointCombMultiplier;
import org.xipki.security.HashAlgo;
import org.xipki.security.util.GMUtil;

/* loaded from: input_file:WEB-INF/lib/security-extra-5.3.11.jar:org/xipki/security/pkcs11/emulator/SM2Signer.class */
class SM2Signer {
    private final DSAKCalculator kCalculator = new RandomDSAKCalculator();
    private final Digest digest;
    private final ECDomainParameters ecParams;
    private final ECKeyParameters ecKey;
    private final ECPoint pubPoint;

    public SM2Signer(CipherParameters cipherParameters) {
        if (cipherParameters instanceof ParametersWithRandom) {
            ParametersWithRandom parametersWithRandom = (ParametersWithRandom) cipherParameters;
            this.ecKey = parametersWithRandom.getParameters();
            this.ecParams = this.ecKey.getParameters();
            this.kCalculator.init(this.ecParams.getN(), parametersWithRandom.getRandom());
        } else {
            this.ecKey = (ECKeyParameters) cipherParameters;
            this.ecParams = this.ecKey.getParameters();
            this.kCalculator.init(this.ecParams.getN(), new SecureRandom());
        }
        if (!GMUtil.isSm2primev2Curve(this.ecKey.getParameters().getCurve())) {
            throw new IllegalArgumentException("Given EC key is not of the curve sm2primev2");
        }
        this.pubPoint = new FixedPointCombMultiplier().multiply(this.ecParams.getG(), this.ecKey.getD()).normalize();
        this.digest = HashAlgo.SM3.createDigest();
    }

    public byte[] generateSignatureForMessage(byte[] bArr, byte[] bArr2) throws CryptoException {
        byte[] sm2z = bArr == null ? GMUtil.getSM2Z(GMObjectIdentifiers.sm2p256v1, this.pubPoint.getAffineXCoord().toBigInteger(), this.pubPoint.getAffineYCoord().toBigInteger()) : GMUtil.getSM2Z(bArr, GMObjectIdentifiers.sm2p256v1, this.pubPoint.getAffineXCoord().toBigInteger(), this.pubPoint.getAffineYCoord().toBigInteger());
        this.digest.reset();
        this.digest.update(sm2z, 0, sm2z.length);
        this.digest.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[this.digest.getDigestSize()];
        this.digest.doFinal(bArr3, 0);
        return generateSignatureForHash(bArr3);
    }

    public byte[] generateSignatureForHash(byte[] bArr) throws CryptoException {
        BigInteger n = this.ecParams.getN();
        BigInteger bigInteger = new BigInteger(1, bArr);
        BigInteger d = this.ecKey.getD();
        FixedPointCombMultiplier fixedPointCombMultiplier = new FixedPointCombMultiplier();
        while (true) {
            BigInteger nextK = this.kCalculator.nextK();
            BigInteger mod = bigInteger.add(fixedPointCombMultiplier.multiply(this.ecParams.getG(), nextK).normalize().getAffineXCoord().toBigInteger()).mod(n);
            if (!mod.equals(ECConstants.ZERO) && !mod.add(nextK).equals(n)) {
                BigInteger mod2 = d.add(ECConstants.ONE).modInverse(n).multiply(nextK.subtract(mod.multiply(d)).mod(n)).mod(n);
                if (!mod2.equals(ECConstants.ZERO)) {
                    try {
                        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                        aSN1EncodableVector.add(new ASN1Integer(mod));
                        aSN1EncodableVector.add(new ASN1Integer(mod2));
                        return new DERSequence(aSN1EncodableVector).getEncoded("DER");
                    } catch (IOException e) {
                        throw new CryptoException("unable to encode signature: " + e.getMessage(), e);
                    }
                }
            }
        }
    }
}
