package com.xdja.pki.itsca.oer.utils;

import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM3DigestUtils;
import com.xdja.pki.itsca.oer.app.SignatureVerify;
import com.xdja.pki.itsca.oer.asn1.Certificate;
import com.xdja.pki.itsca.oer.asn1.SecuredMessage;
import com.xdja.pki.itsca.oer.asn1.SignedData;
import com.xdja.pki.itsca.oer.asn1.ValidityPeriod;
import com.xdja.pki.itsca.oer.cert.CertificateHolder;
import com.xdja.pki.itsca.oer.cert.bean.OERCertificate;
import com.xdja.pki.itsca.oer.enums.EccPointTypeEnum;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.util.Date;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.util.BigIntegers;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/pki/itsca/oer/utils/OERUtils.class */
public class OERUtils {
    private static Logger logger = LoggerFactory.getLogger(OERUtils.class);

    public static boolean checkPublicKey(String str) {
        try {
            GMSSLX509Utils.convertSM2PublicKey(Hex.decode(str.substring(0, 64)), Hex.decode(str.substring(64)));
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public static String pointTo(String str) {
        while (str.length() <= 7) {
            str = "0" + str;
        }
        int length = str.length() - 7;
        return str.substring(0, length) + "." + str.substring(length);
    }

    public static byte[] readByteArray(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            throw new IOException("Input stream is null");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        IOUtils.copy(inputStream, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public static OERCertificate convertOERCertificate(InputStream inputStream) throws Exception {
        if (inputStream == null) {
            throw new Exception("Input stream is null");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        IOUtils.copy(inputStream, byteArrayOutputStream);
        return convertOERCertificate(byteArrayOutputStream.toByteArray());
    }

    public static OERCertificate convertOERCertificate(byte[] bArr) throws Exception {
        return CertificateHolder.build(bArr);
    }

    public static boolean verifyOerSignature(byte[] bArr, byte[] bArr2) throws Exception {
        OERCertificate build = CertificateHolder.build(bArr2);
        byte[] digestByYunhsm = GMSSLSM3DigestUtils.digestByYunhsm(Certificate.getInstance(bArr).getTbsCert().getEncode());
        if (isEqual(bArr, bArr2)) {
            return SignatureVerify.verify(build.getSignPublicKey(), buildUpByte(digestByYunhsm, GMSSLSM3DigestUtils.digestByYunhsm("".getBytes())), Certificate.getInstance(bArr).getSignature());
        }
        return SignatureVerify.verify(build.getSignPublicKey(), buildUpByte(digestByYunhsm, GMSSLSM3DigestUtils.digestByYunhsm(bArr2)), Certificate.getInstance(bArr).getSignature());
    }

    public static byte[] buildUpByte(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }

    public static String generatePublicKey() throws Exception {
        return convertPublicKey((ECPublicKey) BCUtils.generateSM2KeyPairByBC().getPublic());
    }

    public static String convertPublicKey(PublicKey publicKey) {
        if (publicKey == null) {
            return null;
        }
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        byte[] changeByteArrayLength = ByteArrayUtils.changeByteArrayLength(eCPublicKey.getW().getAffineX());
        byte[] changeByteArrayLength2 = ByteArrayUtils.changeByteArrayLength(eCPublicKey.getW().getAffineY());
        return Hex.toHexString(changeByteArrayLength) + Hex.toHexString(changeByteArrayLength2);
    }

    public static String getHashIdString(byte[] bArr, int i) throws Exception {
        return Hex.toHexString(getHashId(bArr, i));
    }

    public static byte[] getHashId(byte[] bArr, int i) throws Exception {
        byte[] digestByYunhsm = GMSSLSM3DigestUtils.digestByYunhsm(bArr);
        byte[] bArr2 = new byte[i];
        System.arraycopy(digestByYunhsm, digestByYunhsm.length - i, bArr2, 0, bArr2.length);
        return bArr2;
    }

    public static byte[] subByteHashId(byte[] bArr, int i) throws Exception {
        byte[] bArr2 = new byte[i];
        System.arraycopy(bArr, bArr.length - i, bArr2, 0, bArr2.length);
        return bArr2;
    }

    public static String getHashId8String(byte[] bArr) throws Exception {
        return Hex.toHexString(getHashId(bArr, 8));
    }

    public static String getHashId10String(byte[] bArr) throws Exception {
        return Hex.toHexString(getHashId(bArr, 10));
    }

    public static byte[] getHashId8(byte[] bArr) throws Exception {
        return getHashId(bArr, 8);
    }

    public static byte[] getHashId10(byte[] bArr) throws Exception {
        return getHashId(bArr, 10);
    }

    public static boolean isEqual(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        boolean z = true;
        boolean z2 = true;
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                z = false;
            }
        }
        if (!z) {
            for (int i2 = 0; i2 < bArr.length; i2++) {
                if (bArr[i2] != bArr2[(bArr.length - 1) - i2]) {
                    z2 = false;
                }
            }
        }
        return z || z2;
    }

    public static Certificate getCertificate(String str) throws Exception {
        return Certificate.getInstance(readFile(str));
    }

    public static boolean verifySecuredMessageSignatureByCert(Certificate certificate, SecuredMessage securedMessage) throws Exception {
        SignedData signedData = securedMessage.getPayload().getSignedData();
        return SignatureVerify.verify(CertificateHolder.build(certificate.getEncode()).getSignPublicKey(), buildUpByte(GMSSLSM3DigestUtils.digestByYunhsm(signedData.getTbs().getEncode()), GMSSLSM3DigestUtils.digestByYunhsm(certificate.getEncode())), signedData.getSign());
    }

    public static boolean verifySecuredMessageSignatureBySelf(PublicKey publicKey, SecuredMessage securedMessage) throws Exception {
        SignedData signedData = securedMessage.getPayload().getSignedData();
        return SignatureVerify.verify(publicKey, buildUpByte(GMSSLSM3DigestUtils.digestByYunhsm(signedData.getTbs().getEncode()), GMSSLSM3DigestUtils.digestByYunhsm("".getBytes())), signedData.getSign());
    }

    public static Date getStartTime(ValidityPeriod validityPeriod, Date date, Date date2) throws Exception {
        if (null == validityPeriod.getTimeStartAndEnd()) {
            return null;
        }
        Date timeFromNumber = TimeUtils.getTimeFromNumber(BigIntegers.fromUnsignedByteArray(validityPeriod.getTimeStartAndEnd().getStartValidity().getEncode()).longValue());
        if (timeFromNumber.getTime() >= date2.getTime()) {
            throw new Exception("设置的起始时间不能超过CA证书有效期");
        }
        return date.getTime() > timeFromNumber.getTime() ? date : timeFromNumber;
    }

    public static Date getEndTime(ValidityPeriod validityPeriod, Date date, Date date2, int i) throws Exception {
        BigInteger fromUnsignedByteArray;
        if (null != validityPeriod.getTimeEnd()) {
            fromUnsignedByteArray = BigIntegers.fromUnsignedByteArray(validityPeriod.getTimeEnd().getEncode());
        } else {
            if (null == validityPeriod.getTimeStartAndEnd()) {
                throw new Exception("未配置时间限定");
            }
            fromUnsignedByteArray = BigIntegers.fromUnsignedByteArray(validityPeriod.getTimeStartAndEnd().getEndValidity().getEncode());
        }
        Date timeFromNumber = TimeUtils.getTimeFromNumber(fromUnsignedByteArray.longValue());
        if (timeFromNumber.getTime() <= date2.getTime()) {
            throw new Exception("设置的失效时间不能小于设置的起始时间 结束时间" + timeFromNumber + " 起始时间 {}" + date2);
        }
        if (date.getTime() < timeFromNumber.getTime()) {
            timeFromNumber = date;
        }
        long j = 86400000 * i;
        if (timeFromNumber.getTime() - date2.getTime() > j) {
            timeFromNumber = new Date(date2.getTime() + j);
        }
        return timeFromNumber;
    }

    public static byte[] readCertFileByteArray(String str, String str2) throws Exception {
        return readFile(str + File.separator + str2);
    }

    public static OERCertificate readCertFile(String str, String str2) throws Exception {
        return CertificateHolder.build(readFile(str + File.separator + str2));
    }

    public static byte[] readFile(String str) throws IOException {
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream(str);
        if (systemResourceAsStream == null) {
            systemResourceAsStream = new FileInputStream(str);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        IOUtils.copy(systemResourceAsStream, byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    public static ECPublicKey decodePoint(EccPointTypeEnum eccPointTypeEnum, byte[] bArr) throws Exception {
        byte[] buildUpByte;
        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(X509Utils.ECC_SM2_NAME);
        ECCurve curve = parameterSpec.getCurve();
        switch (eccPointTypeEnum) {
            case UNCOMPRESSED:
                buildUpByte = ByteArrayUtils.buildUpByte(new byte[]{4}, bArr);
                break;
            case COMPRESSED_Y0:
                buildUpByte = ByteArrayUtils.buildUpByte(new byte[]{2}, bArr);
                break;
            case COMPRESSED_Y1:
                buildUpByte = ByteArrayUtils.buildUpByte(new byte[]{3}, bArr);
                break;
            default:
                throw new Exception("eccPoint type is error " + eccPointTypeEnum.value);
        }
        return new BCECPublicKey(X509Utils.ECC_SM2_NAME, new ECPublicKeySpec(curve.decodePoint(buildUpByte), parameterSpec), BouncyCastleProvider.CONFIGURATION);
    }
}
