package com.xdja.safecenter.kdc.service.hsm;

import java.io.ByteArrayInputStream;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:WEB-INF/lib/kdc-service-impl-1.0-SNAPSHOT.jar:com/xdja/safecenter/kdc/service/hsm/CertUtil.class */
public class CertUtil {
    public static final String CERT_HEAD = "-----BEGIN CERTIFICATE-----";
    public static final String CERT_TAIL = "-----END CERTIFICATE-----";

    public static X509Certificate getCertFromStr16(String str) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(hex2byte(str)));
        } catch (Exception e) {
            System.err.println("getCertFromFullStr error: " + e.toString());
            return null;
        }
    }

    public static byte[] hex2byte(String str) {
        StringBuffer stringBuffer;
        int length;
        if (null == str || str.equals("") || (length = (stringBuffer = new StringBuffer(str.trim())).length()) == 0 || length % 2 == 1) {
            return null;
        }
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            try {
                bArr[i / 2] = (byte) Integer.decode("0x" + stringBuffer.substring(i, i + 2)).intValue();
            } catch (Exception e) {
                return null;
            }
        }
        return bArr;
    }

    public static String getPubKey(String str, int i) {
        String str2;
        System.out.println("进入CertUtil->getPubKey: str:\n" + str);
        X509Certificate certFromStr = getCertFromStr(str);
        if (i == 1) {
            str2 = ((RSAPublicKey) certFromStr.getPublicKey()).getModulus().toString(16).toUpperCase();
        } else {
            ECPublicKey eCPublicKey = (ECPublicKey) certFromStr.getPublicKey();
            str2 = eCPublicKey.getW().getAffineX().toString(16) + "#" + eCPublicKey.getW().getAffineY().toString(16);
        }
        return str2;
    }

    public static X509Certificate getCertFromStr(String str) {
        String replace = str.replace(CERT_HEAD, "").replace(CERT_TAIL, "").replace(StringUtils.CR, "").replace(StringUtils.LF, "").replace("\\r", "").replace("\\n", "");
        X509Certificate certFromB64 = getCertFromB64(replace);
        if (certFromB64 == null) {
            certFromB64 = getCertFromFullStr(replace);
        }
        if (certFromB64 == null) {
            certFromB64 = getCertFromStr16(replace);
        }
        return certFromB64;
    }

    public static X509Certificate getCertFromFullStr(String str) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(str.getBytes()));
        } catch (Exception e) {
            System.err.println("getCertFromFullStr error: " + e.toString());
            return null;
        }
    }

    public static synchronized X509Certificate getCertFromB64(String str) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(Base64.decode(str)));
        } catch (Exception e) {
            System.err.println("getCertFromB64 error: " + e.toString());
            return null;
        }
    }

    public static String getSn(X509Certificate x509Certificate) {
        return x509Certificate.getSerialNumber().toString(16).toLowerCase();
    }

    public static String certToFullB64(Certificate certificate) {
        String str = "";
        try {
            str = bytesToFullB64(certificate.getEncoded());
        } catch (Exception e) {
            System.err.println("certToFullB64 error:" + e.toString());
        }
        return str;
    }

    public static String bytesToFullB64(byte[] bArr) {
        try {
            return "-----BEGIN CERTIFICATE-----\n" + new String(Base64.encode(bArr)) + StringUtils.LF + CERT_TAIL + StringUtils.LF;
        } catch (Exception e) {
            System.err.println("certDerToFullB64 error:" + e.toString());
            return null;
        }
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
