package com.sansec.crypto.signers;

import com.sansec.asn1.pkcs.DSASignStructure;
import com.sansec.asn1.pkcs.DSAStructureUtil;
import com.sansec.crypto.CipherParameters;
import com.sansec.crypto.RuntimeCryptoException;
import com.sansec.crypto.params.DSAKeyParameters;
import com.sansec.crypto.params.DSAParameters;
import com.sansec.crypto.params.DSAPrivateKeyParameters;
import com.sansec.crypto.params.DSAPublicKeyParameters;
import com.sansec.crypto.params.ParametersWithRandom;
import com.sansec.devicev4.SwxaDeviceFactory;
import com.sansec.devicev4.api.ISDSCrypto;
import com.sansec.devicev4.gb.struct.key.IDSArefPrivateKey;
import com.sansec.devicev4.gb.struct.key.IDSArefPublicKey;
import com.sansec.devicev4.gb.struct.key.dsa.DSArefPrivateKeyEx;
import com.sansec.devicev4.gb.struct.key.dsa.DSArefPrivateKeyLite;
import com.sansec.devicev4.gb.struct.key.dsa.DSArefPublicKeyEx;
import com.sansec.devicev4.gb.struct.key.dsa.DSArefPublicKeyLite;
import com.sansec.devicev4.gb.struct.key.dsa.DSArefSignature;
import com.sansec.devicev4.log.CryptoLogger;
import com.sansec.devicev4.util.PrintUtil;
import com.sansec.util.BigIntegerUitl;
import com.sansec.util.encoders.Hex;
import java.math.BigInteger;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:com/sansec/crypto/signers/DSAHsmSigner.class */
public class DSAHsmSigner extends DSASigner {
    private Logger logger = CryptoLogger.logger;
    protected DSAKeyParameters key;
    private ISDSCrypto device;

    @Override // com.sansec.crypto.signers.DSASigner, com.sansec.crypto.DSA
    public void init(boolean z, CipherParameters cipherParameters) {
        if (cipherParameters instanceof ParametersWithRandom) {
            this.key = (DSAKeyParameters) ((ParametersWithRandom) cipherParameters).getParameters();
        } else {
            this.key = (DSAKeyParameters) cipherParameters;
        }
        try {
            this.device = SwxaDeviceFactory.getInstance();
        } catch (Exception e) {
            throw new RuntimeCryptoException("Get HSM device instance error", e);
        }
    }

    @Override // com.sansec.crypto.signers.DSASigner, com.sansec.crypto.DSA
    public BigInteger[] generateSignature(byte[] bArr) {
        DSArefSignature dsaSign;
        if (this.key == null) {
            throw new IllegalStateException("DSA sign engine not initialised");
        }
        int keyIndex = this.key.getKeyIndex();
        int keyType = this.key.getKeyType();
        String hsmIP = this.key.getHsmIP();
        if (keyIndex == 0) {
            IDSArefPrivateKey iDSARefPrivateKey = getIDSARefPrivateKey((DSAPrivateKeyParameters) this.key);
            try {
                dsaSign = this.device.dsaSign(iDSARefPrivateKey, bArr, hsmIP);
            } catch (Exception e) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "DSASign error");
                    this.logger.log(Level.INFO, "private key:\n" + iDSARefPrivateKey.toString());
                    this.logger.log(Level.INFO, "data input:\n" + PrintUtil.toHexString(bArr));
                }
                throw new RuntimeCryptoException("External DSA private key signature error", e);
            }
        } else {
            try {
                dsaSign = this.device.dsaSign(keyIndex, keyType, bArr, hsmIP);
            } catch (Exception e2) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "DSASign error");
                    this.logger.log(Level.INFO, "key Index:\n" + keyIndex);
                    this.logger.log(Level.INFO, "data input:\n" + PrintUtil.toHexString(bArr));
                }
                throw new RuntimeCryptoException("Internal DSA private key signature error", e2);
            }
        }
        DSASignStructure convert = DSAStructureUtil.convert(dsaSign);
        return new BigInteger[]{convert.getR(), convert.getS()};
    }

    @Override // com.sansec.crypto.signers.DSASigner, com.sansec.crypto.DSA
    public boolean verifySignature(byte[] bArr, BigInteger bigInteger, BigInteger bigInteger2) {
        if (this.key == null) {
            throw new IllegalStateException("DSA sign engine not initialised");
        }
        int keyIndex = this.key.getKeyIndex();
        int keyType = this.key.getKeyType();
        String hsmIP = this.key.getHsmIP();
        try {
            DSArefSignature convert = DSAStructureUtil.convert(this.key.getBits(), new DSASignStructure(bigInteger, bigInteger2));
            if (keyIndex != 0) {
                try {
                    return this.device.dsaVerify(keyIndex, keyType, bArr, convert, hsmIP);
                } catch (Exception e) {
                    if (this.logger.isLoggable(Level.INFO)) {
                        this.logger.log(Level.INFO, "DSAVerify error", (Throwable) e);
                        this.logger.log(Level.INFO, "keyIndex:\n" + keyIndex);
                        this.logger.log(Level.INFO, "signature:\n" + convert.toString());
                        this.logger.log(Level.INFO, "data input:\n" + Hex.toHexString(bArr));
                    }
                    throw new RuntimeCryptoException("Internal DSA public key verification error", e);
                }
            }
            IDSArefPublicKey iDSArefPublicKey = getIDSArefPublicKey((DSAPublicKeyParameters) this.key);
            try {
                return this.device.dsaVerify(iDSArefPublicKey, bArr, convert, hsmIP);
            } catch (Exception e2) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "DSAVerify error", (Throwable) e2);
                    this.logger.log(Level.INFO, "publicKey:\n" + iDSArefPublicKey.toString());
                    this.logger.log(Level.INFO, "signature:\n" + convert.toString());
                    this.logger.log(Level.INFO, "data input:\n" + Hex.toHexString(bArr));
                }
                throw new RuntimeCryptoException("External DSA public key verification error", e2);
            }
        } catch (Exception e3) {
            this.logger.log(Level.INFO, "DSA signed data:" + Hex.toHexString(bArr));
            throw new RuntimeCryptoException("DSA signature structure error", e3);
        }
    }

    private IDSArefPublicKey getIDSArefPublicKey(DSAPublicKeyParameters dSAPublicKeyParameters) {
        int bits = dSAPublicKeyParameters.getBits();
        byte[] byteArray = dSAPublicKeyParameters.getY().toByteArray();
        byte[] byteArray2 = this.key.getParameters().getP().toByteArray();
        byte[] byteArray3 = this.key.getParameters().getQ().toByteArray();
        byte[] byteArray4 = this.key.getParameters().getG().toByteArray();
        return bits > 2048 ? new DSArefPublicKeyEx(bits, byteArray2, byteArray3, byteArray4, byteArray) : new DSArefPublicKeyLite(bits, byteArray2, byteArray3, byteArray4, byteArray);
    }

    public IDSArefPrivateKey getIDSARefPrivateKey(DSAPrivateKeyParameters dSAPrivateKeyParameters) {
        DSAParameters parameters = this.key.getParameters();
        int bits = this.key.getBits();
        byte[] byteArray = parameters.getP().toByteArray();
        byte[] byteArray2 = parameters.getQ().toByteArray();
        byte[] byteArray3 = parameters.getG().toByteArray();
        byte[] asUnsigned32ByteArray = BigIntegerUitl.asUnsigned32ByteArray(dSAPrivateKeyParameters.getX());
        return bits > 2048 ? new DSArefPrivateKeyEx(bits, byteArray, byteArray2, byteArray3, new byte[512], asUnsigned32ByteArray) : new DSArefPrivateKeyLite(bits, byteArray, byteArray2, byteArray3, new byte[256], asUnsigned32ByteArray);
    }
}
