package com.xdja.pki.cams.utils;

import com.xdja.pki.api.km.vo.AsyCipherVO;
import com.xdja.pki.common.asn1.EncryptedContentInfo;
import com.xdja.pki.common.asn1.SignedAndEnvelopedData;
import com.xdja.pki.common.asn1.Sm2Cipher;
import com.xdja.pki.common.enums.AlgTypeEnum;
import com.xdja.pki.common.enums.SignAlgEnum;
import com.xdja.pki.common.util.SignatureUtil;
import com.xdja.pki.common.util.Sm4Util;
import com.xdja.pki.service.cache.KmAsyCipherCache;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
import org.bouncycastle.asn1.cms.RecipientIdentifier;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.RFC4519Style;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.params.ECKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.util.PublicKeyFactory;

/* loaded from: input_file:WEB-INF/lib/cams-km-1.0-SNAPSHOT.jar:com/xdja/pki/cams/utils/Asn1WithCacheUtil.class */
public class Asn1WithCacheUtil {
    private static final KmAsyCipherCache kmAsyCipherCache = new KmAsyCipherCache();

    public static SignedAndEnvelopedData generateSignedAndEnvelopedData(Integer num, int i, PrivateKey privateKey, String str, String str2) throws Exception {
        AsyCipherVO asyCipher = kmAsyCipherCache.getAsyCipher(num.intValue(), i);
        PublicKey publicKey = asyCipher.getPublicKey();
        byte[] sessionKey = asyCipher.getSessionKey();
        byte[] sessionKey2 = asyCipher.getSessionKey();
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(new X500Name(RFC4519Style.INSTANCE, str), new BigInteger(str2, 16));
        ASN1Integer aSN1Integer = new ASN1Integer(1L);
        DERSet dERSet = new DERSet(generateRecipientInfo(num, publicKey, sessionKey, issuerAndSerialNumber));
        DERSet dERSet2 = new DERSet(new AlgorithmIdentifier(num.intValue() == AlgTypeEnum.RSA.alg ? X509ObjectIdentifiers.id_SHA1 : GMObjectIdentifiers.sm3));
        EncryptedContentInfo generateEncryptedContentInfo = generateEncryptedContentInfo(num, sessionKey2);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(aSN1Integer.getEncoded());
        byteArrayOutputStream.write(dERSet.getEncoded());
        byteArrayOutputStream.write(dERSet2.getEncoded());
        byteArrayOutputStream.write(generateEncryptedContentInfo.getEncoded());
        return new SignedAndEnvelopedData(aSN1Integer, dERSet, dERSet2, generateEncryptedContentInfo, new DERSet(generateSignerInfo(num, privateKey, issuerAndSerialNumber, byteArrayOutputStream.toByteArray())));
    }

    public static SignerInfo generateSignerInfo(Integer num, PrivateKey privateKey, IssuerAndSerialNumber issuerAndSerialNumber, byte[] bArr) throws Exception {
        SignerIdentifier signerIdentifier = new SignerIdentifier(issuerAndSerialNumber);
        AlgorithmIdentifier algorithmIdentifier = null;
        AlgorithmIdentifier algorithmIdentifier2 = null;
        DEROctetString dEROctetString = null;
        if (num.intValue() == AlgTypeEnum.RSA.alg) {
            algorithmIdentifier = new AlgorithmIdentifier(X509ObjectIdentifiers.id_SHA1);
            algorithmIdentifier2 = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
            dEROctetString = new DEROctetString(SignatureUtil.sign(bArr, privateKey, SignAlgEnum.SHA1_WITH_RSA));
        } else if (num.intValue() == AlgTypeEnum.SM2.alg) {
            algorithmIdentifier = new AlgorithmIdentifier(GMObjectIdentifiers.sm3);
            algorithmIdentifier2 = new AlgorithmIdentifier(GMObjectIdentifiers.sm2sign);
            dEROctetString = new DEROctetString(SignatureUtil.sign(bArr, privateKey, SignAlgEnum.SM3_WITH_SM2));
        }
        return new SignerInfo(signerIdentifier, algorithmIdentifier, (ASN1Set) null, algorithmIdentifier2, dEROctetString, (ASN1Set) null);
    }

    public static EncryptedContentInfo generateEncryptedContentInfo(Integer num, byte[] bArr) throws Exception {
        AlgorithmIdentifier algorithmIdentifier = null;
        DEROctetString dEROctetString = null;
        if (num.intValue() == AlgTypeEnum.RSA.alg) {
            algorithmIdentifier = new AlgorithmIdentifier(Sm4Util.sm4);
            dEROctetString = new DEROctetString(bArr);
        } else if (num.intValue() == AlgTypeEnum.SM2.alg) {
            algorithmIdentifier = new AlgorithmIdentifier(Sm4Util.sm4);
            dEROctetString = new DEROctetString(bArr);
        }
        return new EncryptedContentInfo(SignedAndEnvelopedData.OID, algorithmIdentifier, dEROctetString);
    }

    public static KeyTransRecipientInfo generateRecipientInfo(Integer num, PublicKey publicKey, byte[] bArr, IssuerAndSerialNumber issuerAndSerialNumber) throws IOException, InvalidCipherTextException {
        RecipientIdentifier recipientIdentifier = new RecipientIdentifier(issuerAndSerialNumber);
        AlgorithmIdentifier algorithmIdentifier = null;
        DEROctetString dEROctetString = null;
        AsymmetricKeyParameter createKey = PublicKeyFactory.createKey(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
        if (num.intValue() == AlgTypeEnum.RSA.alg) {
            algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
            RSAEngine rSAEngine = new RSAEngine();
            rSAEngine.init(true, createKey);
            dEROctetString = new DEROctetString(rSAEngine.processBlock(bArr, 0, bArr.length));
        } else if (num.intValue() == AlgTypeEnum.SM2.alg) {
            algorithmIdentifier = new AlgorithmIdentifier(GMObjectIdentifiers.sm2encrypt);
            SM2Engine sM2Engine = new SM2Engine();
            sM2Engine.init(true, new ParametersWithRandom(createKey, new SecureRandom()));
            dEROctetString = new DEROctetString(new Sm2Cipher((ECKeyParameters) createKey, sM2Engine.processBlock(bArr, 0, bArr.length), bArr.length).getEncoded());
        }
        return new KeyTransRecipientInfo(recipientIdentifier, algorithmIdentifier, dEROctetString);
    }
}
