package com.dji.sample.territory.utils;

import lombok.SneakyThrows;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.SM2Signer;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.math.ec.FixedPointCombMultiplier;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;

/**
 * @PROJECT_NAME: drone
 * @DESCRIPTION:
 * @USER: aix
 * @DATE: 2024/5/9 10:09
 */
public class SM2SignUtil {

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    @SneakyThrows
    public static ECPrivateKeyParameters getSM2PrivateKey() {

        String privateKeyHex = "23E57DA1E4AB865CCBC325B668762207DEF74345B782237808AE0BABDF26734D";

        // 获取SM2曲线的参数
        ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("sm2p256v1");
        ECDomainParameters domainParams = new ECDomainParameters(
                ecSpec.getCurve(), ecSpec.getG(), ecSpec.getN(), ecSpec.getH(), null);

        // 将十六进制字符串表示的私钥转换为BigInteger
        BigInteger privateKey = new BigInteger(privateKeyHex, 16);

        // 创建ECPrivateKeyParameters
        return new ECPrivateKeyParameters(privateKey, domainParams);
    }

    public static boolean verify(byte[] dataHash, byte[] signature) {

        String publicKeyHex = "044D6061FC08A19D3F32CEAA8CF6679B40500008FD741FC26DE7E50AEBF3A9115D47274437730EADEDAEF0CCC4853C5F0B35B30C6AEA83A5F6FBCA4ABEAC9E3B98";

        // 获取SM2曲线的参数
        ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("sm2p256v1");
        ECDomainParameters domainParams = new ECDomainParameters(
                ecSpec.getCurve(), ecSpec.getG(), ecSpec.getN(), ecSpec.getH(), null);
        // 解析十六进制公钥
        // 公钥通常是压缩或未压缩的EC点坐标的十六进制表示
        // 这里我们假设公钥是未压缩的（65字节，以04开头）
        byte[] pubKeyBytes = hexStringToByteArray(publicKeyHex);
        if (pubKeyBytes[0] != 0x04) {
            throw new IllegalArgumentException("Unsupported public key format, expecting uncompressed point (04 prefix)");
        }
        ECPoint q = ecSpec.getCurve().decodePoint(Arrays.copyOfRange(pubKeyBytes, 1, pubKeyBytes.length));
        ECPublicKeyParameters ecPublicKeyParameters = new ECPublicKeyParameters(q, domainParams);

        // 创建SM2签名验证器
        SM2Signer verifier = new SM2Signer();
        verifier.init(false, ecPublicKeyParameters);

        // 更新数据哈希值
        verifier.update(dataHash, 0, dataHash.length);

        // 验证签名
        return verifier.verifySignature(signature);
    }

    // 辅助方法：将十六进制字符串转换为字节数组
    private static byte[] hexStringToByteArray(String s) {
        int len = s.length();
        byte[] data = new byte[len / 2];
        for (int i = 0; i < len; i += 2) {
            data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
                    + Character.digit(s.charAt(i+1), 16));
        }
        return data;
    }

    // 使用SM2私钥对哈希值进行签名
    public static String signWithSM2(byte[] hash, ECPrivateKeyParameters sm2PrivateKey) throws Exception {
        // 创建SM2签名器
        SM2Signer signer = new SM2Signer();
        signer.init(true, sm2PrivateKey);
        // 对哈希值进行签名
        signer.update(hash, 0, hash.length);
        byte[] signature = signer.generateSignature();

        // 将签名转换为十六进制大写字符串
        StringBuilder hexString = new StringBuilder();
        for (byte b : signature) {
            String hex = Integer.toHexString(0xff & b);
            if (hex.length() == 1) hexString.append('0');
            hexString.append(hex);
        }
        return hexString.toString().toUpperCase();
    }

//    public static void main(String[] args) throws Exception {
//        // 示例哈希值（这里只是一个占位符，你应该使用实际的哈希值）
////        String sm3 = Sm3Util.calculateSM3Hash("FJHXZ,PSSJ,Longitude,Latitude,PSFYJ,PSJD,PSHGJ,PSRY,ZSDM");
////        System.out.println("sm3 in hash: " + sm3);
//        byte[] hash = sm3.getBytes(); // 注意：使用SM3或其他哈希算法来计算数据的哈希值
//
//        // 加载私钥
//        ECPrivateKeyParameters sm2PrivateKey = getSM2PrivateKey();
//
//        // 使用SM2私钥对哈希值进行签名
//        String signatureHex = signWithSM2(hash, sm2PrivateKey);
////        System.out.println("Signature in hex (uppercase): " + signatureHex);
//
////        //验证
////        // 示例数据哈希（SM3哈希值）
////        byte[] dataHash = hash; // 注意：这里仅作为示例，你需要用实际的SM3哈希值
////
////        // 示例签名（字节数组）
////        byte[] signature = signatureHex.getBytes(); // 注意：这里仅作为示例，你需要用实际的签名值
////
////        // 验证签名
////        boolean isValid = verify(dataHash, signature);
////
////        // 输出验证结果
////        System.out.println("Signature is valid: " + isValid);
//
//    }

}