package ccit.security.bssp.util;

import ccit.security.ConstDefinitions;
import ccit.security.bssp.ex.CryptionException;
import ccit.security.bssp.key.KeyData;
import ccit.security.bssp.key.RSAKey;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.RSAPublicKeySpec;
import java.util.Random;
import javax.resource.spi.work.WorkException;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.SignedData;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
import org.bouncycastle.jce.provider.JDKDigestSignature;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:ccit/security/bssp/util/BaseSoft.class */
public class BaseSoft {
    public static boolean verify(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        boolean verify;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(byteArrayInputStream).readObject();
        byteArrayInputStream.close();
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(DERInteger.getInstance(aSN1Sequence.getObjectAt(0)).getValue(), DERInteger.getInstance(aSN1Sequence.getObjectAt(1)).getValue()));
        byte[] checkPEM = MiscTools.checkPEM(bArr3);
        if (checkPEM != null) {
            bArr3 = Base64.decode(checkPEM);
        }
        if (str.equals("MD5WITHRSA")) {
            JDKDigestSignature.MD5WithRSAEncryption mD5WithRSAEncryption = new JDKDigestSignature.MD5WithRSAEncryption();
            mD5WithRSAEncryption.initVerify(generatePublic);
            mD5WithRSAEncryption.update(bArr2);
            verify = mD5WithRSAEncryption.verify(bArr3);
        } else {
            if (!str.equals("SHA1WITHRSA")) {
                throw new CryptionException(4, ConstDefinitions.UNSUPPORTED_ALGORITHM_DESC);
            }
            JDKDigestSignature.SHA1WithRSAEncryption sHA1WithRSAEncryption = new JDKDigestSignature.SHA1WithRSAEncryption();
            sHA1WithRSAEncryption.initVerify(generatePublic);
            sHA1WithRSAEncryption.update(bArr2);
            verify = sHA1WithRSAEncryption.verify(bArr3);
        }
        return verify;
    }

    public static int VerifySignature(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) {
        boolean verify;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr3);
        try {
            PublicKey publicKey = ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream)).getPublicKey();
            byteArrayInputStream.close();
            if (i == 2) {
                JDKDigestSignature.MD5WithRSAEncryption mD5WithRSAEncryption = new JDKDigestSignature.MD5WithRSAEncryption();
                mD5WithRSAEncryption.initVerify(publicKey);
                mD5WithRSAEncryption.update(bArr2);
                verify = mD5WithRSAEncryption.verify(bArr);
            } else {
                if (i != 1) {
                    return 4;
                }
                JDKDigestSignature.SHA1WithRSAEncryption sHA1WithRSAEncryption = new JDKDigestSignature.SHA1WithRSAEncryption();
                sHA1WithRSAEncryption.initVerify(publicKey);
                sHA1WithRSAEncryption.update(bArr2);
                verify = sHA1WithRSAEncryption.verify(bArr);
            }
            return !verify ? 1 : 0;
        } catch (Exception e) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e2) {
                }
            }
            e.printStackTrace();
            return 5;
        }
    }

    public static int VerifyCert(byte[] bArr, byte[] bArr2) {
        ByteArrayInputStream byteArrayInputStream;
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr2);
        if (checkPEM2 != null) {
            bArr2 = Base64.decode(checkPEM2);
        }
        ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(bArr);
        X509Certificate x509Certificate = null;
        PublicKey publicKey = null;
        boolean z = false;
        boolean z2 = false;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            try {
                X509Certificate x509Certificate2 = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream2);
                byteArrayInputStream2.close();
                byteArrayInputStream2 = null;
                try {
                    byteArrayInputStream2 = new ByteArrayInputStream(bArr2);
                    x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream2);
                    publicKey = x509Certificate.getPublicKey();
                    z = true;
                    if (byteArrayInputStream2 != null) {
                        byteArrayInputStream2.close();
                    }
                    byteArrayInputStream = null;
                } catch (Exception e) {
                    if (byteArrayInputStream2 != null) {
                        byteArrayInputStream2.close();
                    }
                    byteArrayInputStream = null;
                }
                if (!z) {
                    try {
                        ByteArrayInputStream byteArrayInputStream3 = new ByteArrayInputStream(bArr2);
                        ASN1Set certificates = SignedData.getInstance(new ContentInfo((ASN1Sequence) new ASN1InputStream(byteArrayInputStream3).readObject()).getContent()).getCertificates();
                        byteArrayInputStream3.close();
                        byteArrayInputStream = null;
                        int size = certificates.size();
                        int i = 0;
                        X509Certificate[] x509CertificateArr = new X509Certificate[size];
                        for (int i2 = 0; i2 < size; i2++) {
                            ByteArrayInputStream byteArrayInputStream4 = new ByteArrayInputStream(new DERBitString(certificates.getObjectAt(i2)).getBytes());
                            x509CertificateArr[i2] = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream4);
                            byteArrayInputStream4.close();
                            byteArrayInputStream = null;
                        }
                        for (int i3 = 0; i3 < size; i3++) {
                            for (int i4 = 0; i4 < size && !x509CertificateArr[i3].getSubjectDN().equals(x509CertificateArr[i4].getIssuerDN()); i4++) {
                                if (i4 == size - 1) {
                                    i = i3;
                                }
                            }
                        }
                        x509Certificate = x509CertificateArr[i];
                        publicKey = x509Certificate.getPublicKey();
                        z2 = true;
                    } catch (Exception e2) {
                        if (byteArrayInputStream != null) {
                            byteArrayInputStream.close();
                        }
                        byteArrayInputStream = null;
                    }
                    if (!z2 && !z) {
                        try {
                            ByteArrayInputStream byteArrayInputStream5 = new ByteArrayInputStream(bArr2);
                            ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(byteArrayInputStream5).readObject();
                            byteArrayInputStream5.close();
                            byteArrayInputStream = null;
                            int size2 = aSN1Sequence.size();
                            int i5 = 0;
                            X509Certificate[] x509CertificateArr2 = new X509Certificate[size2];
                            for (int i6 = 0; i6 < size2; i6++) {
                                ByteArrayInputStream byteArrayInputStream6 = new ByteArrayInputStream(new DERBitString(aSN1Sequence.getObjectAt(i6)).getBytes());
                                x509CertificateArr2[i6] = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream6);
                                byteArrayInputStream6.close();
                                byteArrayInputStream = null;
                            }
                            for (int i7 = 0; i7 < size2; i7++) {
                                for (int i8 = 0; i8 < size2 && !x509CertificateArr2[i7].getSubjectDN().equals(x509CertificateArr2[i8].getIssuerDN()); i8++) {
                                    if (i8 == size2 - 1) {
                                        i5 = i7;
                                    }
                                }
                            }
                            x509Certificate = x509CertificateArr2[i5];
                            publicKey = x509Certificate.getPublicKey();
                        } catch (Exception e3) {
                            if (byteArrayInputStream != null) {
                                byteArrayInputStream.close();
                            }
                        }
                    }
                }
                if (x509Certificate == null) {
                    return 6;
                }
                x509Certificate2.checkValidity();
                if (!x509Certificate2.getIssuerDN().equals(x509Certificate.getSubjectDN())) {
                    return 3;
                }
                x509Certificate2.verify(publicKey);
                return 0;
            } catch (Exception e4) {
                if (byteArrayInputStream2 != null) {
                    byteArrayInputStream2.close();
                }
                return 7;
            }
        } catch (SignatureException e5) {
            return 1;
        } catch (CertificateExpiredException e6) {
            return 2;
        } catch (CertificateNotYetValidException e7) {
            return 2;
        } catch (Exception e8) {
            e8.printStackTrace();
            return 5;
        }
    }

    public static byte[] creatRandomKey1() {
        byte[] bArr = new byte[16];
        byte[] bArr2 = new byte[100];
        new Random().nextBytes(bArr2);
        try {
            bArr = Digest.digestWithMD5(bArr2);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return bArr;
    }

    public static byte[] creatRandomKey() {
        byte[] bArr = new byte[100];
        new Random().nextBytes(bArr);
        return bArr;
    }

    public static byte[] decrypt(String str, KeyData keyData, byte[] bArr) throws Exception {
        if (!str.equals(ConstDefinitions.RSAPriKey)) {
            throw new CryptionException(2006, ConstDefinitions.CRYPTION_ERRALGORKEY_DESC);
        }
        if (!(keyData instanceof RSAKey) || ((RSAKey) keyData).getPrivatekey() == null) {
            throw new CryptionException(2006, ConstDefinitions.CRYPTION_ERRALGORKEY_DESC);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(((RSAKey) keyData).getPrivatekey());
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(byteArrayInputStream).readObject();
        BigInteger value = DERInteger.getInstance(aSN1Sequence.getObjectAt(1)).getValue();
        BigInteger value2 = DERInteger.getInstance(aSN1Sequence.getObjectAt(2)).getValue();
        DERInteger.getInstance(aSN1Sequence.getObjectAt(3)).getValue();
        BigInteger value3 = DERInteger.getInstance(aSN1Sequence.getObjectAt(4)).getValue();
        BigInteger value4 = DERInteger.getInstance(aSN1Sequence.getObjectAt(5)).getValue();
        BigInteger value5 = DERInteger.getInstance(aSN1Sequence.getObjectAt(6)).getValue();
        BigInteger value6 = DERInteger.getInstance(aSN1Sequence.getObjectAt(7)).getValue();
        BigInteger value7 = DERInteger.getInstance(aSN1Sequence.getObjectAt(8)).getValue();
        byteArrayInputStream.close();
        BigInteger bigInteger = new BigInteger(WorkException.START_TIMED_OUT, 16);
        RSAPrivateCrtKeyParameters rSAPrivateCrtKeyParameters = new RSAPrivateCrtKeyParameters(value, value2, value2.modInverse(value3.subtract(bigInteger).multiply(value4.subtract(bigInteger))), value3, value4, value5, value6, value7);
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding.init(false, rSAPrivateCrtKeyParameters);
        return pKCS1Encoding.processBlock(bArr, 0, bArr.length);
    }

    public static byte[] encrypt(String str, KeyData keyData, byte[] bArr) throws Exception {
        if (!str.equals(ConstDefinitions.RSAPubKey)) {
            throw new CryptionException(2006, ConstDefinitions.CRYPTION_ERRALGORKEY_DESC);
        }
        if (!(keyData instanceof RSAKey) || ((RSAKey) keyData).getPublickey() == null) {
            throw new CryptionException(2006, ConstDefinitions.CRYPTION_ERRALGORKEY_DESC);
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(((RSAKey) keyData).getPublickey());
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(byteArrayInputStream).readObject();
        byteArrayInputStream.close();
        RSAKeyParameters rSAKeyParameters = new RSAKeyParameters(false, DERInteger.getInstance(aSN1Sequence.getObjectAt(0)).getValue(), DERInteger.getInstance(aSN1Sequence.getObjectAt(1)).getValue());
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding.init(true, rSAKeyParameters);
        return pKCS1Encoding.processBlock(bArr, 0, bArr.length);
    }
}
