package org.chainmaker.sdk.utils;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Objects;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.RSAPublicKey;
import org.bouncycastle.asn1.sec.ECPrivateKey;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jcajce.provider.digest.Keccak;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPrivateKeySpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.bouncycastle.util.io.pem.PemWriter;
import org.chainmaker.pb.config.ChainConfigOuterClass;
import org.chainmaker.sdk.crypto.ChainMakerCryptoSuiteException;
import org.web3j.crypto.Hash;

/* loaded from: input_file:org/chainmaker/sdk/utils/CryptoUtils.class */
public class CryptoUtils {
    private static final int ZX_ADDR_SUFFIX_LENGTH = 20;
    private static final String ZX_ADDR_PREFIX = "ZX";
    private static final String RSA_PRE = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A";
    private static final String HEX_ADDR_PREFIX = "0x";
    private static final String SECP256R1 = "secp256r1";
    private static final String SECP = "secp";

    private CryptoUtils() {
        throw new IllegalStateException("Crypto Utils class");
    }

    public static PrivateKey getPrivateKeyFromBytes(byte[] bArr) throws ChainMakerCryptoSuiteException {
        PrivateKey privateKey;
        try {
            PemObject readPemObject = new PemReader(new StringReader(new String(bArr))).readPemObject();
            PEMParser pEMParser = new PEMParser(new StringReader(new String(bArr)));
            if (readPemObject.getType().equals("PRIVATE KEY")) {
                privateKey = new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) pEMParser.readObject());
            } else {
                if (readPemObject.getType().equals("EC PRIVATE KEY")) {
                    ECPrivateKey eCPrivateKey = ECPrivateKey.getInstance(ASN1Sequence.getInstance(readPemObject.getContent()));
                    Security.addProvider(new BouncyCastleProvider());
                    return KeyFactory.getInstance("ECDSA", (Provider) new BouncyCastleProvider()).generatePrivate(new ECPrivateKeySpec(eCPrivateKey.getKey(), ECNamedCurveTable.getParameterSpec(SECP256R1)));
                }
                privateKey = new JcaPEMKeyConverter().getPrivateKey(((PEMKeyPair) pEMParser.readObject()).getPrivateKeyInfo());
            }
            return privateKey;
        } catch (Exception e) {
            throw new ChainMakerCryptoSuiteException(e.toString());
        }
    }

    public static PublicKey getPublicKeyFromPrivateKey(PrivateKey privateKey) throws ChainMakerCryptoSuiteException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        PublicKey generatePublic;
        String algorithm = privateKey.getAlgorithm();
        if ("RSA".equals(algorithm)) {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            generatePublic = keyFactory.generatePublic(new RSAPublicKeySpec(((RSAPrivateKeySpec) keyFactory.getKeySpec(privateKey, RSAPrivateKeySpec.class)).getModulus(), BigInteger.valueOf(65537L)));
        } else {
            if (!"ECDSA".equals(algorithm) && !"EC".equals(algorithm)) {
                throw new ChainMakerCryptoSuiteException("Not support private key for algorithm: " + algorithm);
            }
            KeyFactory keyFactory2 = KeyFactory.getInstance("ECDSA", "BC");
            org.bouncycastle.jce.interfaces.ECPrivateKey eCPrivateKey = (org.bouncycastle.jce.interfaces.ECPrivateKey) privateKey;
            ECParameterSpec parameters = eCPrivateKey.getParameters();
            generatePublic = keyFactory2.generatePublic(new ECPublicKeySpec(parameters.getG().multiply(eCPrivateKey.getD()), parameters));
        }
        return generatePublic;
    }

    public static String makeAddrFromPubKeyPem(PublicKey publicKey) throws IOException {
        byte[] encoded = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(publicKey.getEncoded())).parsePublicKey().getEncoded();
        SHA256Digest sHA256Digest = new SHA256Digest();
        byte[] bArr = new byte[sHA256Digest.getDigestSize()];
        sHA256Digest.update(encoded, 0, encoded.length);
        sHA256Digest.doFinal(bArr, 0);
        byte[] decode = Hex.decode(Hex.toHexString(bArr));
        Keccak.Digest256 digest256 = new Keccak.Digest256();
        digest256.update(decode, 0, decode.length);
        return HEX_ADDR_PREFIX + Hex.toHexString(digest256.digest()).substring(24);
    }

    public static String makeAddrFromCert(Certificate certificate) throws UtilsException {
        try {
            try {
                byte[] decode = Hex.decode(Hex.toHexString(SubjectKeyIdentifier.fromExtensions(org.bouncycastle.asn1.x509.Certificate.getInstance(new ASN1InputStream(new ByteArrayInputStream(certificate.getEncoded())).readObject()).getTBSCertificate().getExtensions()).getKeyIdentifier()));
                Keccak.Digest256 digest256 = new Keccak.Digest256();
                digest256.update(decode, 0, decode.length);
                return HEX_ADDR_PREFIX + Hex.toHexString(digest256.digest()).substring(24);
            } catch (IOException e) {
                throw new UtilsException("certificate to ASN1Sequence err : " + e.getMessage());
            }
        } catch (CertificateEncodingException e2) {
            throw new UtilsException("certificate to ByteArrayInputStream err : " + e2.getMessage());
        }
    }

    public static String getPemStrFromPublicKey(PublicKey publicKey) throws UtilsException {
        StringWriter stringWriter = new StringWriter();
        PemWriter pemWriter = new PemWriter(stringWriter);
        try {
            pemWriter.writeObject(new PemObject("PUBLIC KEY", publicKey.getEncoded()));
            pemWriter.flush();
            pemWriter.close();
            return stringWriter.toString();
        } catch (IOException e) {
            throw new UtilsException("publicKey parse to pem err :" + e.getMessage());
        }
    }

    public static String getZXAddressFromPKPEM(String str) throws UtilsException {
        try {
            byte[] encoded = RSAPublicKey.getInstance(new PemReader(new StringReader(new String(str.replace(RSA_PRE, "")))).readPemObject().getContent()).toASN1Primitive().getEncoded();
            SM3Digest sM3Digest = new SM3Digest();
            byte[] bArr = new byte[sM3Digest.getDigestSize()];
            sM3Digest.update(encoded, 0, encoded.length);
            sM3Digest.doFinal(bArr, 0);
            byte[] bArr2 = new byte[20];
            System.arraycopy(bArr, 0, bArr2, 0, 20);
            return ZX_ADDR_PREFIX + Hex.toHexString(bArr2);
        } catch (IOException e) {
            throw new UtilsException("publicKey parse to addr err :" + e.getMessage());
        }
    }

    public static String getEVMAddressFromCertBytes(byte[] bArr) {
        try {
            return certToAddrStr(parseCertificate(bArr), ChainConfigOuterClass.AddrType.ETHEREUM);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    public static String getEVMAddressFromPrivateKeyBytes(byte[] bArr, String str) {
        try {
            return pkToAddrStr(getPublicKeyFromPrivateKey(getPrivateKeyFromBytes(bArr)), ChainConfigOuterClass.AddrType.ETHEREUM, str);
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException | ChainMakerCryptoSuiteException e) {
            throw new RuntimeException(e);
        }
    }

    public static String getEVMAddressFromPKHex(String str, String str2, String str3) {
        return pkToAddrStr(hexToPublicKey(str, str3), ChainConfigOuterClass.AddrType.ETHEREUM, str2);
    }

    public static String getEVMAddressFromPKPEM(String str, String str2, String str3) {
        return pkToAddrStr(publicKeyFromPem(str, str3), ChainConfigOuterClass.AddrType.ETHEREUM, str2);
    }

    public static String getZXAddressFromPKHex(String str, String str2, String str3) {
        return ZX_ADDR_PREFIX + pkToAddrStr(hexToPublicKey(str, str3), ChainConfigOuterClass.AddrType.ZXL, str2);
    }

    public static String getZXAddressFromPKPEM(String str, String str2, String str3) {
        return ZX_ADDR_PREFIX + pkToAddrStr(publicKeyFromPem(str, str3), ChainConfigOuterClass.AddrType.ZXL, str2);
    }

    public static String getZXAddressFromCertPEM(String str) {
        try {
            return ZX_ADDR_PREFIX + certToAddrStr(parseCertificate(str.getBytes(StandardCharsets.UTF_8)), ChainConfigOuterClass.AddrType.ZXL);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    public static String getCMAddressFromPKHex(String str, String str2, String str3) {
        return pkToAddrStr(hexToPublicKey(str, str3), ChainConfigOuterClass.AddrType.CHAINMAKER, str2);
    }

    public static String getCMAddressFromPKPEM(String str, String str2, String str3) {
        return pkToAddrStr(publicKeyFromPem(str, str3), ChainConfigOuterClass.AddrType.CHAINMAKER, str2);
    }

    public static String getCMAddressFromCertPEM(String str) {
        try {
            return certToAddrStr(parseCertificate(str.getBytes()), ChainConfigOuterClass.AddrType.CHAINMAKER);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    private static String generteAddrStr(byte[] bArr, ChainConfigOuterClass.AddrType addrType) {
        return addrType == ChainConfigOuterClass.AddrType.ZXL ? zxAddress(bArr).substring(2) : Hex.toHexString(keccak256(bArr)).substring(24);
    }

    public static String nameToAddrStr(String str, ChainConfigOuterClass.AddrType addrType) {
        return generteAddrStr(str.getBytes(StandardCharsets.UTF_8), addrType);
    }

    public static String pkToAddrStr(PublicKey publicKey, ChainConfigOuterClass.AddrType addrType, String str) {
        if (addrType == ChainConfigOuterClass.AddrType.CHAINMAKER) {
            return generteAddrStr(Hash.hash(SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(publicKey.getEncoded())).getPublicKeyData().getBytes(), str), addrType);
        }
        byte[] marshalPublicKey = marshalPublicKey(publicKey);
        if (addrType != ChainConfigOuterClass.AddrType.ETHEREUM) {
            return generteAddrStr(marshalPublicKey, addrType);
        }
        byte[] bArr = new byte[marshalPublicKey.length - 1];
        System.arraycopy(marshalPublicKey, 1, bArr, 0, marshalPublicKey.length - 1);
        return generteAddrStr(bArr, addrType);
    }

    public static String certToAddrStr(Certificate certificate, ChainConfigOuterClass.AddrType addrType) throws NoSuchAlgorithmException, InvalidKeySpecException {
        if (addrType == ChainConfigOuterClass.AddrType.CHAINMAKER) {
            ByteArrayInputStream byteArrayInputStream = null;
            try {
                byteArrayInputStream = new ByteArrayInputStream(certificate.getEncoded());
            } catch (CertificateEncodingException e) {
            }
            ASN1Sequence aSN1Sequence = null;
            try {
                aSN1Sequence = new ASN1InputStream(byteArrayInputStream).readObject();
            } catch (IOException e2) {
            }
            return generteAddrStr(SubjectKeyIdentifier.fromExtensions(org.bouncycastle.asn1.x509.Certificate.getInstance(aSN1Sequence).getTBSCertificate().getExtensions()).getKeyIdentifier(), addrType);
        }
        byte[] marshalPublicKey = marshalPublicKey(certificate.getPublicKey());
        if (addrType != ChainConfigOuterClass.AddrType.ETHEREUM) {
            return generteAddrStr(marshalPublicKey, addrType);
        }
        byte[] bArr = new byte[marshalPublicKey.length - 1];
        System.arraycopy(marshalPublicKey, 1, bArr, 0, marshalPublicKey.length - 1);
        return generteAddrStr(bArr, addrType);
    }

    private static String zxAddress(byte[] bArr) {
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(bArr, 0, bArr.length);
        byte[] bArr2 = new byte[sM3Digest.getDigestSize()];
        sM3Digest.doFinal(bArr2, 0);
        if (bArr2.length < 20) {
            return "";
        }
        byte[] bArr3 = new byte[20];
        System.arraycopy(bArr2, 0, bArr3, 0, 20);
        return ZX_ADDR_PREFIX + Hex.toHexString(bArr3);
    }

    private static byte[] keccak256(byte[] bArr) {
        return new Keccak.Digest256().digest(bArr);
    }

    private static PublicKey publicKeyFromPem(String str, String str2) {
        try {
            try {
                try {
                    return KeyFactory.getInstance(str2).generatePublic(new X509EncodedKeySpec(new PemReader(new StringReader(str)).readPemObject().getContent()));
                } catch (InvalidKeySpecException e) {
                    throw new RuntimeException(e);
                }
            } catch (IOException e2) {
                throw new RuntimeException(e2);
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new RuntimeException(e3);
        }
    }

    private static PublicKey hexToPublicKey(String str, String str2) {
        try {
            try {
                return KeyFactory.getInstance(str2).generatePublic(new X509EncodedKeySpec(new BigInteger(str, 16).toByteArray()));
            } catch (InvalidKeySpecException e) {
                throw new RuntimeException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    private static Certificate parseCertificate(byte[] bArr) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] marshalPublicKey(PublicKey publicKey) {
        if (Objects.equals(publicKey.getAlgorithm(), "ECDSA") || Objects.equals(publicKey.getAlgorithm(), "EC")) {
            if (publicKey instanceof BCECPublicKey) {
                BCECPublicKey bCECPublicKey = (BCECPublicKey) publicKey;
                return publicKeyToByte(bCECPublicKey, bCECPublicKey.getParameters().getName());
            }
            BCECPublicKey bCECPublicKey2 = new BCECPublicKey((ECPublicKey) publicKey, BouncyCastleProvider.CONFIGURATION);
            return publicKeyToByte(bCECPublicKey2, bCECPublicKey2.getParams().toString());
        }
        if (!Objects.equals(publicKey.getAlgorithm(), "RSA")) {
            return new byte[0];
        }
        try {
            return ((RSAPublicKey) publicKey).toASN1Primitive().getEncoded();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] publicKeyToByte(BCECPublicKey bCECPublicKey, String str) {
        return str.contains(SECP) ? ecPublickeyToByte(bCECPublicKey) : sm2PublickeyToByte(bCECPublicKey);
    }

    private static byte[] sm2PublickeyToByte(BCECPublicKey bCECPublicKey) {
        int fieldSize = (bCECPublicKey.getParams().getCurve().getField().getFieldSize() + 7) / 8;
        BigInteger bigInteger = bCECPublicKey.getQ().getXCoord().toBigInteger();
        BigInteger bigInteger2 = bCECPublicKey.getQ().getYCoord().toBigInteger();
        byte[] byteArray = bigInteger.abs().toByteArray();
        byte[] byteArray2 = bigInteger2.abs().toByteArray();
        byte[] bArr = new byte[1 + (2 * fieldSize)];
        bArr[0] = 4;
        System.arraycopy(byteArray, 0, bArr, 1, fieldSize);
        System.arraycopy(byteArray2, 0, bArr, fieldSize + 1, fieldSize);
        return bArr;
    }

    private static byte[] ecPublickeyToByte(BCECPublicKey bCECPublicKey) {
        int fieldSize = (bCECPublicKey.getParams().getCurve().getField().getFieldSize() + 7) / 8;
        byte[] encoded = bCECPublicKey.getQ().getXCoord().getEncoded();
        byte[] encoded2 = bCECPublicKey.getQ().getYCoord().getEncoded();
        byte[] bArr = new byte[1 + (2 * fieldSize)];
        bArr[0] = 4;
        System.arraycopy(encoded, 0, bArr, 1, fieldSize);
        System.arraycopy(encoded2, 0, bArr, fieldSize + 1, fieldSize);
        return bArr;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
