package koal.ra.caclient;

import com.koal.common.util.Base64;
import com.koal.security.asn1.AsnObject;
import com.koal.security.asn1.EncodeException;
import com.koal.security.asn1.Null;
import com.koal.security.pki.crmf.AttributeTypeAndValue;
import com.koal.security.pki.crmf.CertRequest;
import com.koal.security.pki.crmf.Controls;
import com.koal.security.pki.pkcs10.CertificationRequest;
import com.koal.security.pki.x509.Attribute;
import com.koal.security.pki.x509.Certificate;
import com.koal.security.pki.x509.Name;
import com.koal.security.pki.x509.RSAPublicKey;
import com.koal.security.pki.x509.SubjectPublicKeyInfo;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import koal.common.emengine.EMUtils;
import koal.common.emengine.rsa.RSACipher;
import koal.common.emengine.util.OsccaSM2PubKeyBlob;
import koal.common.emengine.util.RSAPubKeyBlob;
import koal.security.gb.Identifiers;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:koal/ra/caclient/Util.class */
public class Util {
    protected static Date YEAR_2050 = java.sql.Date.valueOf("2050-01-01");
    public static final int CERT_PROPS_CN = 1;
    public static final int CERT_PROPS_DN = 2;
    public static final int CERT_PROPS_SN = 3;
    public static final int CERT_PROPS_NOT_BEFORE = 4;
    public static final int CERT_PROPS_NOT_AFTER = 5;
    public static final int CERT_PROPS_PUBKEY = 6;

    public static String stripCRLF(String str) {
        return str == null ? str : StringUtils.replace(StringUtils.replace(str, "\r", ""), "\n", "");
    }

    public static String stripBlank(String str) {
        if (str == null) {
            return str;
        }
        while (str.indexOf(" ") != -1) {
            str = StringUtils.replace(str, " ", "");
        }
        return str;
    }

    public static String pemFormat(String str, PEMType pEMType) {
        if (str == null) {
            return str;
        }
        throw new UnsupportedOperationException("操作当前不支持。");
    }

    public static String pem2PlainB64(String str) {
        if (str == null) {
            return str;
        }
        while (str.indexOf("-") != -1) {
            int indexOf = str.indexOf("-");
            int indexOf2 = str.indexOf("-", indexOf + 5);
            if (indexOf2 == -1) {
                str = str.substring(0, indexOf);
            } else {
                str = String.valueOf(str.substring(0, indexOf)) + str.substring(indexOf2 + 5);
            }
        }
        return stripBlank(stripCRLF(str));
    }

    public static boolean certSubjectEquals(String str, Name name) {
        Name name2 = new Name(str);
        name2.addRDNs(str);
        return name2.toString().equalsIgnoreCase(name.toString());
    }

    public static boolean certPropsCompare(Certificate certificate, Certificate certificate2, int i) {
        boolean z = false;
        switch (i) {
            case CERT_PROPS_CN /* 1 */:
                z = certificate.getSubjectCommonName().toString().equalsIgnoreCase(certificate2.getSubjectCommonName().toString());
                break;
            case CERT_PROPS_DN /* 2 */:
                z = certificate.getSubject().toString().equalsIgnoreCase(certificate2.getSubject().toString());
                break;
            case CERT_PROPS_SN /* 3 */:
                z = certificate.getSerialNumber().toString().equalsIgnoreCase(certificate2.getSerialNumber().toString());
                break;
            case CERT_PROPS_NOT_BEFORE /* 4 */:
                z = certificate.getValidFromValue().getTime() == certificate2.getValidFromValue().getTime();
                break;
            case CERT_PROPS_NOT_AFTER /* 5 */:
                z = certificate.getValidToValue().getTime() == certificate2.getValidToValue().getTime();
                break;
            case CERT_PROPS_PUBKEY /* 6 */:
                try {
                    z = Arrays.equals(certificate.getSubjectPublicKeyInfo().encode(), certificate2.getSubjectPublicKeyInfo().encode());
                    break;
                } catch (EncodeException e) {
                    e.printStackTrace();
                    break;
                }
        }
        return z;
    }

    public static void addOrUpdateControls(Controls controls, AttributeTypeAndValue attributeTypeAndValue) {
        int componentCount = controls.getComponentCount();
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < componentCount; i++) {
            AttributeTypeAndValue component = controls.getComponent(i);
            if (!component.getAttributeType().equals(attributeTypeAndValue.getAttributeType())) {
                arrayList.add(component);
            }
        }
        controls.clearComponents();
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            controls.addComponent((AsnObject) arrayList.get(i2));
        }
        controls.addComponent(attributeTypeAndValue);
    }

    public static void addOrUpdateControls(com.koal.security.pki.acrmf.Controls controls, Attribute attribute) {
        int componentCount = controls.getComponentCount();
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < componentCount; i++) {
            Attribute component = controls.getComponent(i);
            if (!component.getType().equals(attribute.getType())) {
                arrayList.add(component);
            }
        }
        controls.clearComponents();
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            controls.addComponent((AsnObject) arrayList.get(i2));
        }
        controls.addComponent(attribute);
    }

    public static void setNotBeforeOfCertRequest(CertRequest certRequest, Timestamp timestamp) {
        if (timestamp.before(YEAR_2050)) {
            certRequest.getCertTemplate().getValidity().getNotBefore().setActual(certRequest.getCertTemplate().getValidity().getNotBefore().getUtcTime());
            certRequest.getCertTemplate().getValidity().getNotBefore().getUtcTime().setValue(timestamp);
        } else {
            certRequest.getCertTemplate().getValidity().getNotBefore().setActual(certRequest.getCertTemplate().getValidity().getNotBefore().getGeneralTime());
            certRequest.getCertTemplate().getValidity().getNotBefore().getGeneralTime().setValue(timestamp);
        }
    }

    public static void setNotAfterOfCertRequest(CertRequest certRequest, Timestamp timestamp) {
        if (timestamp.before(YEAR_2050)) {
            certRequest.getCertTemplate().getValidity().getNotAfter().setActual(certRequest.getCertTemplate().getValidity().getNotAfter().getUtcTime());
            certRequest.getCertTemplate().getValidity().getNotAfter().getUtcTime().setValue(timestamp);
        } else {
            certRequest.getCertTemplate().getValidity().getNotAfter().setActual(certRequest.getCertTemplate().getValidity().getNotAfter().getGeneralTime());
            certRequest.getCertTemplate().getValidity().getNotAfter().getGeneralTime().setValue(timestamp);
        }
    }

    public static KeyPair genRSAKeyPair(int i) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(i, new SecureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    public static byte[] prvKeyDecrypt(PrivateKey privateKey, byte[] bArr, int i) throws Exception {
        RSACipher rSACipher = new RSACipher();
        rSACipher.engineInit(2, privateKey, new SecureRandom());
        return rSACipher.engineDoFinal(bArr, 0, bArr.length);
    }

    public static byte[] pubKeyDecrypt(PublicKey publicKey, byte[] bArr, int i) throws Exception {
        RSACipher rSACipher = new RSACipher();
        rSACipher.engineInit(1, publicKey, new SecureRandom());
        return rSACipher.engineDoFinal(bArr, 0, bArr.length);
    }

    public static PrivateKey getPrvKeyFromPKCS12(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new ByteArrayInputStream(Base64.decode(str.getBytes())), str2.toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                return EMUtils.getPrvKey(keyStore.getKey(nextElement, str2.toCharArray()).getEncoded());
            }
        }
        return null;
    }

    public static Certificate getCertFromPKCS12(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new ByteArrayInputStream(Base64.decode(str.getBytes())), str2.toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                java.security.cert.Certificate certificate = keyStore.getCertificate(nextElement);
                Certificate certificate2 = new Certificate();
                certificate2.decode(certificate.getEncoded());
                return certificate2;
            }
        }
        return null;
    }

    public static String pubKey2PKCS10Req(PublicKey publicKey) throws Exception {
        CertificationRequest certificationRequest = new CertificationRequest();
        certificationRequest.getAttributes().clearComponents();
        certificationRequest.getSubject().clearComponents();
        certificationRequest.getSubject().addRDNs("C=CN,CN=FakePKCS10");
        SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo("pubKey");
        subjectPublicKeyInfo.setPublicKeyValue(publicKey);
        certificationRequest.getSubjectPublicKeyInfo().copy(subjectPublicKeyInfo);
        certificationRequest.getSignature().setValue("INVALID SIG".getBytes());
        if (publicKey instanceof ECPublicKey) {
            certificationRequest.getSignatureAlgorithm().getAlgorithm().copy(Identifiers.id_cn_gmj_algo_sm2_sm3);
        } else {
            certificationRequest.getSignatureAlgorithm().getAlgorithm().copy(com.koal.security.pki.pkcs1.Identifiers.sha1WithRSAEncryption);
        }
        certificationRequest.getSignatureAlgorithm().addComponent(new Null());
        return new String(Base64.encode(certificationRequest.encode()));
    }

    public static String x509PubKey2PKCS10Req(String str) throws Exception {
        try {
            SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo();
            subjectPublicKeyInfo.decode(Base64.decode(str.getBytes()));
            return pubKey2PKCS10Req(subjectPublicKeyInfo.getPublicKey());
        } catch (Exception e) {
            throw new Exception("无法生成PKCS10请求，可能是错误的SubjectPublicKeyInfo数据: " + e.getMessage() + "\r\n[\r\n" + str + "\r\n]\r\n", e);
        }
    }

    public static String pubKeyBlob2PKCS10Req(String str) throws Exception {
        try {
            return pubKey2PKCS10Req(EMUtils.getPubKey(RSAPubKeyBlob.valueOf(Base64.decode(str.getBytes())).rsaPubKey()));
        } catch (Exception e) {
            throw new Exception("无法生成PKCS10请求，可能是错误的RSAPUBKEY BLOB数据: " + e.getMessage() + "\r\n[\r\n" + str + "\r\n]\r\n", e);
        }
    }

    public static String rsaPubKey2PKCS10Req(String str) throws Exception {
        try {
            RSAPublicKey rSAPublicKey = new RSAPublicKey();
            rSAPublicKey.decode(Base64.decode(str.getBytes()));
            return pubKey2PKCS10Req(EMUtils.getPubKey(rSAPublicKey));
        } catch (Exception e) {
            throw new Exception("无法生成PKCS10请求，可能是错误的RSAPublicKey数据: " + e.getMessage() + "\r\n[\r\n" + str + "\r\n]\r\n", e);
        }
    }

    public static String osccaEcPubKey2PKCS10Req(String str) throws Exception {
        try {
            return pubKey2PKCS10Req(OsccaSM2PubKeyBlob.valueOf(Base64.decode(str.getBytes()), false).ecPubKey());
        } catch (Exception e) {
            throw new Exception("无法生成PKCS10请求，可能是错误的OsccaSM2PubKeyBlob数据: " + e.getMessage() + "\r\n[\r\n" + str + "\r\n]\r\n", e);
        }
    }

    public static void main(String[] strArr) throws Exception {
        RSAPublicKey rSAPublicKey = new RSAPublicKey();
        rSAPublicKey.getModulus().setValue(new BigInteger(1, Base64.decode("3niYymyOoO9lojeXmB7qtmvaHv5kDumsGk4Pwqam5vV2cN3sXL4bUZ8UV4csAj2Jkb0pVESAVGRVxkGHhBhaX4jQJNgh5CMcjtKznuKh+DziphdRBl60bXrviVPYCbq2c1e1IqULaLWkdvWXF0RqxlEZ1IeP9WJjTiTKRcoZTK/u4YJEJMXF6yMZna5mn6By64WLCVZZ3zv0fHpN3FP0kkIG2ZrTE4/cJMWxd+9rPS8ggvzgjspw9IOCtoZ9B9sLwuk37smOGYT8IdycHIejtHw7BnM41Eu7zBY/k9yuCHREF6nwd7dzXMYYjKbr4kKbxTFF9QqbHCIZq0FzYRMjOQ==")));
        rSAPublicKey.getPublicExponent().setValue(BigInteger.valueOf(65537L));
        String pubKey2PKCS10Req = pubKey2PKCS10Req(EMUtils.getPubKey(rSAPublicKey));
        CertificationRequest certificationRequest = new CertificationRequest();
        certificationRequest.decode(Base64.decode(pubKey2PKCS10Req));
        certificationRequest.getSubject().clearComponents();
        certificationRequest.getSubject().addRDNs("CN=BeiDou_Dev2,C=CN");
        System.out.println(new String(Base64.encode(certificationRequest.encode())));
        Certificate certificate = new Certificate();
        certificate.decode(Base64.decode("MIICcTCCAdqgAwIBAgIMGYSKb1qKW6qjqjIvMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNVBAYTAkNOMQ0wCwYDVQQKDARLT0FMMQ0wCwYDVQQLDARLT0FMMQ0wCwYDVQQLDARLT0FMMQ8wDQYDVQQDDAZST09UQ0EwHhcNMTEwODI1MDIzNjU1WhcNNDEwODE3MDIzNjU1WjA8MQswCQYDVQQGEwJDTjENMAsGA1UECgwES09BTDENMAsGA1UECwwES09BTDEPMA0GA1UEAwwGc3ViX2NhMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPAb94A2jc2T1C8LhUwsrTMsBzTIuEpWFGkYIwaWljjnrKiRDghPbRi1up7zvAg9Q/OF7EgToWHKC9RyMKxQQfaqQK3Yl6r2JVFiRXXlLWfCBVqXJD1YYQazct3v5ZiZWQcQ3rKSpfAKoIi5PXMIDjR7e7klyXqsAIZjdcLKdUUQIDAQABo2kwZzAOBgNVHQ8BAQAEBAMCAIYwDwYDVR0TAQEABAUwAwEB/zAiBgNVHSMBAQAEGDAWgBSv8ySp/9i03UhXg3jJJkoyMqDMZzAgBgNVHQ4BAQAEFgQUJhDKqMIukjGtfZ4+VWFXkpSOEswwDQYJKoZIhvcNAQEFBQADgYEADzZxwRdCFAfBTmQYXB3GRAeJ7sUL2S8iIPJurSkvyQLI8Gc2/i2p8zFVYLchY0xwzZzGgCG0g88sP+C5IPxuXaEU0Em3wQvq0sbnMwq7QW9L5abPVqQejElW5dbCV1NPg8ofFAlhU2n8LTk8uuInUhSY3Yktpnr+A0v9iqhVjnM="));
        System.out.println(pubKey2PKCS10Req(certificate.getPublicKey()));
    }
}
