package com.sansec.crypto.signers;

import com.sansec.crypto.CipherParameters;
import com.sansec.crypto.RuntimeCryptoException;
import com.sansec.crypto.Signer;
import com.sansec.crypto.params.Ed25519PrivateKeyParameters;
import com.sansec.crypto.params.Ed25519PublicKeyParameters;
import com.sansec.devicev4.SwxaDeviceFactory;
import com.sansec.devicev4.api.CryptoException;
import com.sansec.devicev4.api.ISDSCrypto;
import com.sansec.devicev4.gb.struct.key.ed.EdDSArefPrivateKey;
import com.sansec.devicev4.gb.struct.key.ed.EdDSArefPublicKey;
import com.sansec.devicev4.gb.struct.key.ed.EdDSArefSignature;
import com.sansec.devicev4.log.CryptoLogger;
import com.sansec.devicev4.util.PrintUtil;
import com.sansec.util.Arrays;
import com.sansec.util.encoders.Hex;
import java.io.ByteArrayOutputStream;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:com/sansec/crypto/signers/Ed25519HSMSigner.class */
public class Ed25519HSMSigner implements Signer {
    private boolean forSigning;
    private Ed25519PrivateKeyParameters privateKey;
    private Ed25519PublicKeyParameters publicKey;
    private Logger logger = CryptoLogger.logger;
    private final Buffer buffer = new Buffer();
    private ISDSCrypto device = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sansec/crypto/signers/Ed25519HSMSigner$Buffer.class */
    public static class Buffer extends ByteArrayOutputStream {
        private Buffer() {
        }

        @Override // java.io.ByteArrayOutputStream
        public synchronized void reset() {
            Arrays.fill(this.buf, 0, this.count, (byte) 0);
            this.count = 0;
        }
    }

    @Override // com.sansec.crypto.Signer
    public void init(boolean z, CipherParameters cipherParameters) {
        this.forSigning = z;
        if (z) {
            this.privateKey = (Ed25519PrivateKeyParameters) cipherParameters;
            this.publicKey = null;
        } else {
            this.privateKey = null;
            this.publicKey = (Ed25519PublicKeyParameters) cipherParameters;
        }
        reset();
        try {
            this.device = SwxaDeviceFactory.getInstance();
        } catch (Exception e) {
            throw new RuntimeCryptoException("Get HSM device instance error", e);
        }
    }

    @Override // com.sansec.crypto.Signer
    public void update(byte b) {
        this.buffer.write(b);
    }

    @Override // com.sansec.crypto.Signer
    public void update(byte[] bArr, int i, int i2) {
        this.buffer.write(bArr, i, i2);
    }

    @Override // com.sansec.crypto.Signer
    public byte[] generateSignature() {
        EdDSArefSignature eddsaSign;
        if (!this.forSigning || null == this.privateKey) {
            throw new IllegalStateException("Ed25519Signer not initialised for signature generation.");
        }
        byte[] bArr = new byte[64];
        byte[] byteArray = this.buffer.toByteArray();
        Ed25519PrivateKeyParameters ed25519PrivateKeyParameters = this.privateKey;
        int keyIndex = ed25519PrivateKeyParameters.getKeyIndex();
        int keyType = ed25519PrivateKeyParameters.getKeyType();
        String hsmIP = ed25519PrivateKeyParameters.getHsmIP();
        if (keyIndex == 0) {
            EdDSArefPrivateKey edDSArefPrivateKey = new EdDSArefPrivateKey(256, 1, ed25519PrivateKeyParameters.getEncoded());
            try {
                eddsaSign = this.device.eddsaSign(edDSArefPrivateKey, byteArray, hsmIP);
            } catch (Exception e) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "eddsaSign error");
                    this.logger.log(Level.INFO, "private key:\n" + edDSArefPrivateKey.toString());
                    this.logger.log(Level.INFO, "data input:\n" + PrintUtil.toHexString(byteArray));
                }
                throw new RuntimeCryptoException("External eddsa private key signature error", e);
            }
        } else {
            try {
                eddsaSign = this.device.eddsaSign(keyIndex, keyType, byteArray, hsmIP);
            } catch (Exception e2) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "eddsaSign error");
                    this.logger.log(Level.INFO, "keyIndex:\n" + keyIndex);
                    this.logger.log(Level.INFO, "data input:\n" + PrintUtil.toHexString(byteArray));
                }
                throw new RuntimeCryptoException("Internal eddsa private key signature error", e2);
            }
        }
        System.arraycopy(eddsaSign.getR(), 0, bArr, 0, 32);
        System.arraycopy(eddsaSign.getS(), 0, bArr, 32, 32);
        reset();
        return bArr;
    }

    @Override // com.sansec.crypto.Signer
    public boolean verifySignature(byte[] bArr) {
        boolean eddsaVerify;
        if (this.forSigning || null == this.publicKey) {
            throw new IllegalStateException("Ed25519Signer not initialised for verification");
        }
        byte[] byteArray = this.buffer.toByteArray();
        Ed25519PublicKeyParameters ed25519PublicKeyParameters = this.publicKey;
        int keyIndex = ed25519PublicKeyParameters.getKeyIndex();
        int keyType = ed25519PublicKeyParameters.getKeyType();
        String hsmIP = ed25519PublicKeyParameters.getHsmIP();
        EdDSArefSignature edDSArefSignature = new EdDSArefSignature();
        try {
            edDSArefSignature.decode(bArr);
        } catch (CryptoException e) {
            this.logger.log(Level.INFO, "eddsaSign error,edDSArefSignature.decode()");
        }
        if (keyIndex == 0) {
            EdDSArefPublicKey edDSArefPublicKey = new EdDSArefPublicKey(256, 1, this.publicKey.getEncoded());
            try {
                eddsaVerify = this.device.eddsaVerify(edDSArefPublicKey, byteArray, edDSArefSignature, hsmIP);
            } catch (Exception e2) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "eddsaVerify error", (Throwable) e2);
                    this.logger.log(Level.INFO, "publicKey:\n" + edDSArefPublicKey.toString());
                    this.logger.log(Level.INFO, "signature:\n" + Hex.toHexString(bArr));
                    this.logger.log(Level.INFO, "data input:\n" + PrintUtil.toHexString(byteArray));
                }
                throw new RuntimeCryptoException("External Eddsa public key verification error", e2);
            }
        } else {
            try {
                eddsaVerify = this.device.eddsaVerify(keyIndex, keyType, byteArray, edDSArefSignature, hsmIP);
            } catch (Exception e3) {
                if (this.logger.isLoggable(Level.INFO)) {
                    this.logger.log(Level.INFO, "eddsaVerify error", (Throwable) e3);
                    this.logger.log(Level.INFO, "keyIndex:\n" + keyIndex);
                    this.logger.log(Level.INFO, "signature:\n" + Hex.toHexString(bArr));
                    this.logger.log(Level.INFO, "data input:\n" + PrintUtil.toHexString(byteArray));
                }
                throw new RuntimeCryptoException("Internal Eddsa public key verification error", e3);
            }
        }
        return eddsaVerify;
    }

    @Override // com.sansec.crypto.Signer
    public void reset() {
        this.buffer.reset();
    }
}
