package com.xdja.pki.ca.core.ca.util.gm.cert;

import com.xdja.pki.ca.core.ca.util.gm.SM2Util;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.interfaces.ECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;

/* loaded from: input_file:WEB-INF/lib/ca-core-0.0.1-SNAPSHOT.jar:com/xdja/pki/ca/core/ca/util/gm/cert/SM2CertUtil.class */
public class SM2CertUtil {
    public static BCECPublicKey getBCECPublicKey(X509Certificate x509Certificate) {
        ECPublicKey publicKey = x509Certificate.getPublicKey();
        return new BCECPublicKey(publicKey.getAlgorithm(), new ECPublicKeySpec(publicKey.getQ(), new ECParameterSpec(SM2Util.CURVE, SM2Util.G_POINT, SM2Util.SM2_ECC_N, SM2Util.SM2_ECC_H)), BouncyCastleProvider.CONFIGURATION);
    }

    public static boolean verifyCertificate(BCECPublicKey bCECPublicKey, X509Certificate x509Certificate) {
        try {
            x509Certificate.verify((PublicKey) bCECPublicKey, "BC");
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public static X509Certificate getX509Certificate(String str) throws IOException, CertificateException, NoSuchProviderException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(str);
            X509Certificate x509Certificate = getX509Certificate(fileInputStream);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return x509Certificate;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static X509Certificate getX509Certificate(byte[] bArr) throws CertificateException, NoSuchProviderException {
        return getX509Certificate(new ByteArrayInputStream(bArr));
    }

    public static X509Certificate getX509Certificate(InputStream inputStream) throws CertificateException, NoSuchProviderException {
        return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(inputStream);
    }

    public static CertPath getCertificateChain(String str) throws IOException, CertificateException, NoSuchProviderException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(str);
            CertPath certificateChain = getCertificateChain(fileInputStream);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return certificateChain;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static CertPath getCertificateChain(byte[] bArr) throws CertificateException, NoSuchProviderException {
        return getCertificateChain(new ByteArrayInputStream(bArr));
    }

    public static byte[] getCertificateChainBytes(CertPath certPath) throws CertificateEncodingException {
        return certPath.getEncoded("PKCS7");
    }

    public static CertPath getCertificateChain(InputStream inputStream) throws CertificateException, NoSuchProviderException {
        return CertificateFactory.getInstance("X.509", "BC").generateCertPath(inputStream, "PKCS7");
    }

    public static CertPath getCertificateChain(List<X509Certificate> list) throws CertificateException, NoSuchProviderException {
        return CertificateFactory.getInstance("X.509", "BC").generateCertPath(list);
    }
}
