package com.xdja.pki.gmssl.crypto.utils;

import com.sansec.devicev4.api.ISDSCrypto;
import com.sansec.devicev4.gb.struct.key.rsa.RSArefKeyPair;
import com.xdja.pki.gmssl.crypto.init.GMSSLPkiCryptoInit;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import com.xdja.pki.gmssl.crypto.sdf.SdfPrivateKey;
import com.xdja.pki.gmssl.crypto.sdf.SdfRSAKey;
import com.xdja.pki.gmssl.crypto.utils.sanc.GMSSLSancConnectionUtils;
import com.xdja.pki.gmssl.crypto.utils.sanc.GMSSLSancConverUtils;
import com.xdja.pki.gmssl.crypto.utils.sanc.GMSSLSancKeyTypeEnum;
import com.xdja.pki.gmssl.sdf.SdfSDK;
import com.xdja.pki.gmssl.sdf.SdfSDKException;
import com.xdja.pki.gmssl.sdf.bean.SdfRSAPrivateKey;
import com.xdja.pki.gmssl.sdf.bean.SdfRSAPublicKey;
import com.xdja.pki.gmssl.sdf.bean.SdfRsaKeyPair;
import com.xdja.pki.gmssl.x509.utils.bean.GMSSLCryptoType;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.BigIntegers;

/* loaded from: input_file:BOOT-INF/lib/gmssl-pki-utils-1.0.7-SNAPSHOT.jar:com/xdja/pki/gmssl/crypto/utils/GMSSLRSAKeyUtils.class */
public class GMSSLRSAKeyUtils {
    public static final String RSA_ALGORITHM_NAME = "RSA";
    public static final int RSA_KEY_SIZE_1024 = 1024;
    public static final int RSA_KEY_SIZE_2048 = 2048;
    public static final int RSA_KEY_SIZE_3072 = 3072;
    public static final int RSA_KEY_SIZE_4096 = 4096;

    public static KeyPair generateRSAKeyPair(int i) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                return generateKeyPairBySdf(SdfCryptoType.PCIE, i);
            case XDJA_HSM:
                return generateKeyPairBySdf(SdfCryptoType.YUNHSM, i);
            case SANC_HSM:
                RSArefKeyPair generateRSAKeyPair = GMSSLSancConnectionUtils.getCryptConnection().generateRSAKeyPair(i);
                return new KeyPair(GMSSLSancConverUtils.converRSAPublicKey(generateRSAKeyPair.getPublicKey()), GMSSLSancConverUtils.converRSAPrivateKey(generateRSAKeyPair.getPrivateKey()));
            case MINI_PCI_E:
            case BC:
            default:
                return generateKeyPairByBC(i);
        }
    }

    public static SdfPrivateKey genSdfPrivateKey(int i, String str) {
        return new SdfPrivateKey(i, str);
    }

    public static boolean getPrivateKeyAccessRightFromHardware(int i, String str) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.PCIE, i, str);
            case XDJA_HSM:
                return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.YUNHSM, i, str);
            default:
                throw new Exception("the method un support the crypto type " + GMSSLPkiCryptoInit.getCryptoType());
        }
    }

    public static PublicKey getPublicKeyFromHardware(int i, boolean z) throws Exception {
        switch (GMSSLPkiCryptoInit.getCryptoType()) {
            case PCI_E:
                return z ? getEncryptPublicKeyByPcie(i) : getSignPublicKeyByPcie(i);
            case XDJA_HSM:
                return z ? getEncryptPublicKeyByYunhsm(i) : getSignPublicKeyByYunhsm(i);
            case SANC_HSM:
                ISDSCrypto cryptConnection = GMSSLSancConnectionUtils.getCryptConnection();
                return GMSSLSancConverUtils.converRSAPublicKey(z ? cryptConnection.getRSAPublicKey(i, GMSSLSancKeyTypeEnum.ENCRYPT.getKeyType()) : cryptConnection.getRSAPublicKey(i, GMSSLSancKeyTypeEnum.SIGN.getKeyType()));
            case MINI_PCI_E:
            case BC:
            default:
                throw new Exception("un support the method with the crypto type " + GMSSLPkiCryptoInit.getCryptoType());
        }
    }

    public static KeyPair generateKeyPairByBC(int i) throws NoSuchProviderException, NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
        keyPairGenerator.initialize(i);
        return keyPairGenerator.generateKeyPair();
    }

    public static KeyPair generateKeyPairByYunHsm(int i) throws Exception {
        return generateKeyPairBySdf(SdfCryptoType.YUNHSM, i);
    }

    public static KeyPair generateKeyPairBySdf(SdfCryptoType sdfCryptoType, int i) throws Exception {
        if (GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.SANC_HSM) {
            return generateRSAKeyPair(i);
        }
        SdfSDK sdfSDK = sdfCryptoType.getSdfSDK();
        sdfSDK.init();
        SdfRsaKeyPair generateKeyPairRsa = sdfSDK.generateKeyPairRsa(i);
        sdfSDK.release();
        SdfRSAPrivateKey sdfRSAPrivateKey = generateKeyPairRsa.getSdfRSAPrivateKey();
        RSAPrivateCrtKeySpec rSAPrivateCrtKeySpec = new RSAPrivateCrtKeySpec(BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getM()), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getE()), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getD()), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getPrime()[0]), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getPrime()[1]), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getPexp()[0]), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getPexp()[1]), BigIntegers.fromUnsignedByteArray(sdfRSAPrivateKey.getCoef()));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
        PrivateKey generatePrivate = keyFactory.generatePrivate(rSAPrivateCrtKeySpec);
        SdfRSAPublicKey sdfRSAPublicKey = generateKeyPairRsa.getSdfRSAPublicKey();
        return new KeyPair(keyFactory.generatePublic(new RSAPublicKeySpec(BigIntegers.fromUnsignedByteArray(sdfRSAPublicKey.getM()), BigIntegers.fromUnsignedByteArray(sdfRSAPublicKey.getE()))), generatePrivate);
    }

    public static PublicKey getSignPublicKeyByYunhsm(int i) throws Exception {
        if (GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.SANC_HSM) {
            return getPublicKeyFromHardware(i, false);
        }
        SdfRSAKey sdfRSAKey = new SdfRSAKey(SdfCryptoType.YUNHSM);
        PublicKey exportSignPublicKey = sdfRSAKey.exportSignPublicKey(i);
        sdfRSAKey.release();
        return exportSignPublicKey;
    }

    public static PublicKey getSignPublicKeyByPcie(int i) throws Exception {
        SdfRSAKey sdfRSAKey = new SdfRSAKey(SdfCryptoType.PCIE);
        PublicKey exportSignPublicKey = sdfRSAKey.exportSignPublicKey(i);
        sdfRSAKey.release();
        return exportSignPublicKey;
    }

    public static PublicKey getEncryptPublicKeyByYunhsm(int i) throws Exception {
        if (GMSSLPkiCryptoInit.getCryptoType() == GMSSLCryptoType.SANC_HSM) {
            return getPublicKeyFromHardware(i, true);
        }
        SdfRSAKey sdfRSAKey = new SdfRSAKey(SdfCryptoType.YUNHSM);
        PublicKey exportEncryptPublicKey = sdfRSAKey.exportEncryptPublicKey(i);
        sdfRSAKey.release();
        return exportEncryptPublicKey;
    }

    public static PublicKey getEncryptPublicKeyByPcie(int i) throws Exception {
        SdfRSAKey sdfRSAKey = new SdfRSAKey(SdfCryptoType.PCIE);
        PublicKey exportEncryptPublicKey = sdfRSAKey.exportEncryptPublicKey(i);
        sdfRSAKey.release();
        return exportEncryptPublicKey;
    }

    public static boolean getPrivateKeyAccessRightFromYunHsm(int i, String str) {
        return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.YUNHSM, i, str);
    }

    public static boolean checkPrivateKeyAccessRightFromYunHsm(int i, String str) {
        return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.YUNHSM, i, str);
    }

    public static boolean checkPrivateKeyAccessRightFromPCIE(int i, String str) {
        return checkPrivateKeyAccessRightFromSdf(SdfCryptoType.PCIE, i, str);
    }

    public static boolean checkPrivateKeyAccessRightFromSdf(SdfCryptoType sdfCryptoType, int i, String str) {
        try {
            SdfSDK sdfSDK = sdfCryptoType.getSdfSDK();
            sdfSDK.init();
            boolean checkPrivateKeyAccessRight = sdfSDK.checkPrivateKeyAccessRight(i, str.getBytes());
            sdfSDK.release();
            return checkPrivateKeyAccessRight;
        } catch (SdfSDKException e) {
            return false;
        }
    }

    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
