package cn.com.infosec.netsign.crypto.util;

import cn.com.infosec.asn1.x509.X509Name;
import cn.com.infosec.jce.PKCS7SignedData;
import cn.com.infosec.jce.X509V1CertificateGenerator;
import cn.com.infosec.jce.provider.InfosecProvider;
import cn.com.infosec.netsign.base.NSMessageOpt;
import cn.com.infosec.netsign.crypto.exception.CryptoException;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:cn/com/infosec/netsign/crypto/util/SoftCryptoImpl.class */
public class SoftCryptoImpl {
    public static final int SHA1 = 100;
    public static final int MD5 = 101;
    public static final int MD2 = 102;
    public static final int KEY_128 = 128;
    public static final int KEY_192 = 192;
    public static final int KEY_256 = 256;
    public static final int KEY_512 = 512;
    public static final int KEY_1024 = 1024;
    public static final int KEY_2048 = 2048;
    public static final int KEY_4096 = 4096;
    public static final int AES = 300;
    public static final int TRIPLEDESCBC = 301;
    public static final int TRIPLEDES = 501;
    public static int SHA1_WITH_RSA = 200;
    public static int RC4 = 302;
    public static int RSA = 400;
    public static int RSAKeyPair = 500;

    private SoftCryptoImpl() {
    }

    public static byte[] sign(PrivateKey privateKey, byte[] bArr, String str, String str2) throws CryptoException {
        try {
            Signature signature = Signature.getInstance(getSignatureAlgorithm(str, NSMessageOpt.SIGN_CERT_RSA), str2);
            if (signature == null) {
                throw new CryptoException("Sign Error:Signature generator fail");
            }
            signature.initSign(privateKey);
            signature.update(bArr, 0, bArr.length);
            return signature.sign();
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("Sign Error :").append(th.toString()).toString(), th);
        }
    }

    public static byte[] sign(PrivateKey privateKey, byte[] bArr, String str) throws CryptoException {
        try {
            Signature signature = Signature.getInstance(getSignatureAlgorithm(str, NSMessageOpt.SIGN_CERT_RSA), "INFOSEC");
            if (signature == null) {
                throw new CryptoException("Sign Error:Signature generator fail");
            }
            signature.initSign(privateKey);
            signature.update(bArr, 0, bArr.length);
            return signature.sign();
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("Sign Error :").append(th.toString()).toString(), th);
        }
    }

    private static PrivateKey getPrivateKey(String str, byte[] bArr) throws CryptoException {
        try {
            return KeyFactory.getInstance(str, "INFOSEC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("p7Sign Error:Can not convert PrivateKey(Not PrivateKeyInfo) bytearray to Privatekey object :").append(th.toString()).toString(), th);
        }
    }

    private static String getSignatureAlgorithm(String str, String str2) {
        return new StringBuffer(String.valueOf(str)).append("with").append(str2).toString();
    }

    public static byte[] p7verify(byte[] bArr) throws CryptoException {
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(bArr);
            byte[] contentData = pKCS7SignedData.getContentData();
            pKCS7SignedData.update(contentData, 0, contentData.length);
            if (pKCS7SignedData.verify()) {
                return contentData;
            }
            throw new CryptoException("Can not Verify GssAMessage");
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("p7verify Error").append(th.toString()).toString(), th);
        }
    }

    public static byte[] p7sign(byte[] bArr, Certificate[] certificateArr, byte[] bArr2, boolean z) throws CryptoException {
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(getPrivateKey(NSMessageOpt.SIGN_CERT_RSA, bArr), certificateArr, "SHA1");
            pKCS7SignedData.update(bArr2, 0, bArr2.length);
            return z ? pKCS7SignedData.getEncoded(bArr2) : pKCS7SignedData.getEncoded();
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("P7Sign Error :").append(th.getMessage()).toString(), th);
        }
    }

    public static byte[] p7sign(PrivateKey privateKey, Certificate[] certificateArr, byte[] bArr, boolean z) throws CryptoException {
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(privateKey, certificateArr, "SHA1");
            pKCS7SignedData.update(bArr, 0, bArr.length);
            return z ? pKCS7SignedData.getEncoded(bArr) : pKCS7SignedData.getEncoded();
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("P7Sign Error:").append(th.getMessage()).toString(), th);
        }
    }

    public static byte[] encrypt(int i, byte[] bArr, byte[] bArr2, byte[] bArr3) throws CryptoException {
        byte[] doFinal;
        try {
            String desc = getDesc(i);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, desc);
            Cipher cipher = Cipher.getInstance(desc, "INFOSEC");
            if (cipher == null) {
                throw new CryptoException("encryptError:Cipher construct fail");
            }
            if (i == RC4 || bArr3 == null) {
                cipher.init(1, secretKeySpec);
                doFinal = cipher.doFinal(bArr2);
            } else {
                cipher.init(1, secretKeySpec, new IvParameterSpec(bArr3));
                doFinal = cipher.doFinal(bArr2);
            }
            return doFinal;
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("encryptError:").append(th.toString()).toString(), th);
        }
    }

    public static byte[] encryptWithRSAPubkey(PublicKey publicKey, byte[] bArr) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", "INFOSEC");
            if (cipher == null) {
                throw new CryptoException("encryptWithRSAPubkeyError: Cipher construct fail");
            }
            cipher.init(1, publicKey);
            return cipher.doFinal(bArr);
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("encryptWithRSAPubkeyError :").append(th.toString()).toString(), th);
        }
    }

    public static byte[] decryptWithRSAprivatekey(PrivateKey privateKey, byte[] bArr) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING", "INFOSEC");
            if (cipher == null) {
                throw new CryptoException("decryptWithRSAprivatekeyError: Cipher construct fail");
            }
            cipher.init(2, privateKey);
            return cipher.doFinal(bArr);
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("decryptWithRSAprivatekeyError: ").append(th.toString()).toString(), th);
        }
    }

    public static byte[] decrypt(int i, byte[] bArr, byte[] bArr2, byte[] bArr3) throws CryptoException {
        byte[] doFinal;
        try {
            String desc = getDesc(i);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, desc);
            Cipher cipher = Cipher.getInstance(desc, "INFOSEC");
            if (cipher == null) {
                throw new CryptoException("decryptError:Cipher construct fail");
            }
            if (i == RC4 || bArr3 == null) {
                cipher.init(2, secretKeySpec);
                doFinal = cipher.doFinal(bArr2);
            } else {
                cipher.init(2, secretKeySpec, new IvParameterSpec(bArr3));
                doFinal = cipher.doFinal(bArr2);
            }
            return doFinal;
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("decryptError :").append(th.toString()).toString(), th);
        }
    }

    public static byte[] hash(String str, byte[] bArr) throws CryptoException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            if (messageDigest == null) {
                throw new CryptoException("hashError:Message Digest construct fail");
            }
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new ByteArrayInputStream(bArr));
            if (bufferedInputStream == null) {
                throw new CryptoException("hashError:source data is invalid");
            }
            while (true) {
                int read = bufferedInputStream.read();
                if (read == -1) {
                    bufferedInputStream.close();
                    return messageDigest.digest();
                }
                messageDigest.update((byte) read);
            }
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("hashError:").append(th.toString()).toString(), th);
        }
    }

    private static KeyPair genrsakeypair(String str, int i) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, "INFOSEC");
        keyPairGenerator.initialize(i, SecureRandom.getInstance("SHA1PRNG"));
        return keyPairGenerator.generateKeyPair();
    }

    private static void saveKeyStore(KeyStore keyStore, File file, char[] cArr) throws Exception {
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            keyStore.store(fileOutputStream, cArr);
            fileOutputStream.close();
        } catch (IOException e) {
            throw e;
        } catch (KeyStoreException e2) {
            throw e2;
        } catch (NoSuchAlgorithmException e3) {
            throw e3;
        } catch (CertificateException e4) {
            throw e4;
        }
    }

    public static X509Certificate generateCert(String str, PublicKey publicKey, PrivateKey privateKey, String str2) throws Exception {
        X509Name x509Name = new X509Name(str);
        X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
        x509V1CertificateGenerator.setIssuerDN(x509Name);
        x509V1CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis()));
        x509V1CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + (365 * 24 * 60 * 60 * 1000)));
        x509V1CertificateGenerator.setSubjectDN(x509Name);
        x509V1CertificateGenerator.setPublicKey(publicKey);
        x509V1CertificateGenerator.setSignatureAlgorithm(str2.toString());
        x509V1CertificateGenerator.setSerialNumber(generateX509SerialNumber());
        try {
            return x509V1CertificateGenerator.generateX509Certificate(privateKey);
        } catch (Exception e) {
            throw e;
        }
    }

    private static BigInteger generateX509SerialNumber() {
        return new BigInteger(Long.toString(System.currentTimeMillis() / 1000));
    }

    public static void importCAReplay(X509Certificate x509Certificate, String str, String str2, String str3, String str4) throws CryptoException {
        try {
            KeyStore keyStore = KeyStore.getInstance("jks");
            File file = new File(str);
            if (!file.exists()) {
                throw new CryptoException("JKS File Is Not Exists");
            }
            FileInputStream fileInputStream = new FileInputStream(file);
            keyStore.load(fileInputStream, str2.toCharArray());
            fileInputStream.close();
            Certificate certificate = keyStore.getCertificate(str3);
            if (certificate == null) {
                throw new CryptoException("The Alias Is Not Exists");
            }
            if (!Arrays.equals(certificate.getPublicKey().getEncoded(), x509Certificate.getPublicKey().getEncoded())) {
                throw new CryptoException("The CA reply is invalid");
            }
            Key key = keyStore.getKey(str3, str4.toCharArray());
            keyStore.deleteEntry(str3);
            keyStore.setKeyEntry(str3, key, str4.toCharArray(), new Certificate[]{x509Certificate});
            saveKeyStore(keyStore, file, str2.toCharArray());
        } catch (CryptoException e) {
            throw e;
        } catch (Throwable th) {
            throw new CryptoException(new StringBuffer("Import CA replay error :").append(th.toString()).toString(), th);
        }
    }

    public static byte[] genSecretKey(int i, int i2) throws CryptoException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(getDesc(i), "INFOSEC");
            if (keyGenerator == null) {
                throw new CryptoException("genSecretKeyError:KeyGenerator construct fail");
            }
            keyGenerator.init(i2, new SecureRandom());
            SecretKey generateKey = keyGenerator.generateKey();
            if (generateKey == null) {
                throw new CryptoException("genSecretKeyError:SecretKey generator fail");
            }
            return generateKey.getEncoded();
        } catch (CryptoException e) {
            throw e;
        } catch (Exception e2) {
            throw new CryptoException(new StringBuffer("genSecretKeyError: ").append(e2.toString()).toString(), e2);
        }
    }

    public static String getDesc(int i) throws CryptoException {
        if (i == 100) {
            return "SHA1";
        }
        if (i == 101) {
            return "MD5";
        }
        if (i == 102) {
            return "MD2";
        }
        if (i == SHA1_WITH_RSA) {
            return "SHA1withRSA";
        }
        if (i == 300) {
            return "AES";
        }
        if (i == RSAKeyPair) {
            return NSMessageOpt.SIGN_CERT_RSA;
        }
        if (i == RC4) {
            return "RC4";
        }
        if (i == 501) {
            return "DESEDE";
        }
        if (i == 301) {
            return "1.2.840.113549.3.7";
        }
        if (i == RSA) {
            return "RSA/ECB/PKCS1Padding";
        }
        throw new CryptoException(new StringBuffer("Algorithmic ").append(i).append(" not yet implemented.").toString());
    }

    public static void main(String[] strArr) throws Exception {
        Security.addProvider(new InfosecProvider());
        hash("MD2", "11".getBytes());
    }
}
