package com.xdja.pki.ra.core.util.cert;

import com.xdja.pki.gmssl.core.utils.GMSSLBCSignUtils;
import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.sdf.SdfSymmetricKeyParameters;
import com.xdja.pki.gmssl.crypto.utils.GMSSLECIESEncryptUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLECSignUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLRSAEncryptUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLRSASignUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSHA1DigestUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSHA256DigestUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2EncryptUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2SignUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM3DigestUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM4ECBEncryptUtils;
import com.xdja.pki.gmssl.sdf.bean.SdfAlgIdSymmetric;
import com.xdja.pki.gmssl.tomcat.utils.GMSSLTomcatUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLCertUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLP10Utils;
import com.xdja.pki.gmssl.x509.utils.bean.GMSSLSignatureAlgorithm;
import com.xdja.pki.ra.core.asn1.DigestObjectIdentifiers;
import com.xdja.pki.ra.core.asn1.NISTObjectIdentifiers;
import com.xdja.pki.ra.core.asn1.RsaObjectIdentifiers;
import com.xdja.pki.ra.core.asn1.SM2ObjectIdentifiers;
import com.xdja.pki.ra.core.asn1.SymmetryObjectIdentifiers;
import com.xdja.pki.ra.core.common.CommonVariable;
import com.xdja.pki.ra.core.commonenum.DigestAlgEnum;
import com.xdja.pki.ra.core.commonenum.KeyAlgEnum;
import com.xdja.pki.ra.core.config.Config;
import com.xdja.pki.ra.core.constant.Constants;
import com.xdja.pki.ra.core.util.spring.SpringUtils;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.security.rsa.RSAPrivateKeyImpl;
import sun.security.util.DerValue;

/* loaded from: input_file:WEB-INF/lib/ra-core-0.0.1-SNAPSHOT.jar:com/xdja/pki/ra/core/util/cert/HsmUtils.class */
public class HsmUtils {
    protected static final transient Logger logger = LoggerFactory.getLogger(HsmUtils.class.getClass());
    private static Config config = (Config) SpringUtils.getBean("configFile");

    public static String getEncrypt(String str) throws Exception {
        return formatDate(true, Base64.decode(CommonVariable.getEncryptKey()), Integer.valueOf(CommonVariable.getEncryptKeyIndex()), str);
    }

    public static String getDecrypt(String str) throws Exception {
        return Constants.DATA_NOT_ENCRYPTION_0.equals(CommonVariable.getIsEncrypt()) ? str : formatDate(false, Base64.decode(CommonVariable.getEncryptKey()), Integer.valueOf(CommonVariable.getEncryptKeyIndex()), str);
    }

    public static String getEncryptKey(String str) throws Exception {
        return Constants.HSM_SERVER_XDJA_1 == CommonVariable.getIsHsm().intValue() ? str : Base64.toBase64String(publicKeyEncryptDate(CommonVariable.getRaEncPublicKey(), Base64.decode(str)));
    }

    public static String getDecryptKey(String str) throws Exception {
        return Constants.HSM_SERVER_XDJA_1 == CommonVariable.getIsHsm().intValue() ? str : Base64.toBase64String(privateKeyDecryptDate(CommonVariable.getRaEncPriKey(), Base64.decode(str)));
    }

    public static Config cryptConfigRaPwd(boolean z, Config config2) throws Exception {
        if (Constants.DATA_NOT_ENCRYPTION_0.equals(CommonVariable.getIsEncrypt())) {
            return config2;
        }
        if (!CommonVariable.getKeyAlgName().equals(Constants.KEY_ALG_NAME_SM2) || CommonVariable.getIsHsm().intValue() != Constants.HSM_SERVER_XDJA_1) {
            return config2;
        }
        String priKeyPwd = config2.getRaServerConfig().getPriKeyPwd();
        if (StringUtils.isBlank(priKeyPwd)) {
            return config2;
        }
        config2.getRaServerConfig().setPriKeyPwd(z ? getEncrypt(priKeyPwd) : getDecrypt(priKeyPwd));
        return config2;
    }

    public static String formatDate(boolean z, byte[] bArr, Integer num, String str) throws Exception {
        return z ? Constants.HSM_SERVER_XDJA_1 == CommonVariable.getIsHsm().intValue() ? Base64.toBase64String(GMSSLSM4ECBEncryptUtils.encryptWithKek(bArr, num.intValue(), SdfAlgIdSymmetric.SGD_SM4_ECB, str.getBytes(), SdfSymmetricKeyParameters.PaddingType.PKCS7Padding)) : Base64.toBase64String(sm4EncryptDate(bArr, str.getBytes())) : Constants.HSM_SERVER_XDJA_1 == CommonVariable.getIsHsm().intValue() ? new String(GMSSLSM4ECBEncryptUtils.decryptWithKek(bArr, num.intValue(), SdfAlgIdSymmetric.SGD_SM4_ECB, Base64.decode(str), SdfSymmetricKeyParameters.PaddingType.PKCS7Padding)) : new String(sm4DecryptDate(bArr, Base64.decode(str)));
    }

    public static byte[] sm4EncryptDate(byte[] bArr, byte[] bArr2) throws Exception {
        return GMSSLSM4ECBEncryptUtils.encrypt(bArr, bArr2, SdfSymmetricKeyParameters.PaddingType.PKCS7Padding);
    }

    public static byte[] sm4DecryptDate(byte[] bArr, byte[] bArr2) throws Exception {
        return GMSSLSM4ECBEncryptUtils.decrypt(bArr, bArr2, SdfSymmetricKeyParameters.PaddingType.PKCS7Padding);
    }

    public static byte[] publicKeyEncryptDate(PublicKey publicKey, byte[] bArr) throws Exception {
        byte[] bArr2 = null;
        if (Constants.KEY_ALG_NAME_RSA.equals(CommonVariable.getKeyAlgName())) {
            bArr2 = GMSSLRSAEncryptUtils.encrypt(publicKey, bArr);
        } else if (Constants.KEY_ALG_NAME_SM2.equals(CommonVariable.getKeyAlgName())) {
            bArr2 = GMSSLSM2EncryptUtils.encrypt(publicKey, bArr);
        } else if (Constants.KEY_ALG_NAME_NIST.equals(CommonVariable.getKeyAlgName())) {
            bArr2 = GMSSLECIESEncryptUtils.encrypt(publicKey, bArr);
        }
        return bArr2;
    }

    public static byte[] privateKeyDecryptDate(PrivateKey privateKey, byte[] bArr) throws Exception {
        byte[] bArr2 = null;
        if (Constants.KEY_ALG_NAME_RSA.equals(CommonVariable.getKeyAlgName())) {
            bArr2 = GMSSLRSAEncryptUtils.decrypt(privateKey, bArr);
        } else if (Constants.KEY_ALG_NAME_SM2.equals(CommonVariable.getKeyAlgName())) {
            bArr2 = GMSSLSM2EncryptUtils.decrypt(privateKey, bArr);
        } else if (Constants.KEY_ALG_NAME_NIST.equals(CommonVariable.getKeyAlgName())) {
            bArr2 = GMSSLECIESEncryptUtils.decrypt(privateKey, bArr);
        }
        return bArr2;
    }

    public static boolean verifyCertByYunHsm(X509Certificate x509Certificate, PublicKey publicKey) throws Exception {
        String sigAlgName = x509Certificate.getSigAlgName();
        boolean z = false;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(sigAlgName)) {
            z = GMSSLCertUtils.verifyCert(publicKey, x509Certificate);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(sigAlgName) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(sigAlgName)) {
            z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, x509Certificate.getTBSCertificate(), x509Certificate.getSignature());
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(sigAlgName)) {
            z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, x509Certificate.getTBSCertificate(), x509Certificate.getSignature());
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(sigAlgName)) {
            z = GMSSLECSignUtils.verifyByYunHsm(publicKey, x509Certificate.getTBSCertificate(), x509Certificate.getSignature(), GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName());
        }
        return z;
    }

    public static boolean verifyCertByYunHsmWithOid(String str, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        return SM2ObjectIdentifiers.sm2SignWithSm3.getId().equalsIgnoreCase(str) ? GMSSLSM2SignUtils.verifyByYunhsm(publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2)) : RsaObjectIdentifiers.sha1WithRSA.getId().equalsIgnoreCase(str) ? GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2)) : RsaObjectIdentifiers.sha256WithRSA.getId().equalsIgnoreCase(str) ? GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2)) : GMSSLECSignUtils.verifyByYunHsm(publicKey, bArr, bArr2, GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName());
    }

    public static boolean verifyCertByYunHsm(String str, PublicKey publicKey, String str2, String str3) throws Exception {
        boolean z = false;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(str)) {
            z = GMSSLSM2SignUtils.verifyByYunhsm(publicKey, str2, str3);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, str2, str3);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, str2, str3);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(str)) {
            z = GMSSLECSignUtils.verifyByYunHsm(publicKey, str2, str3, GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName());
        }
        return z;
    }

    public static boolean verifyByYunHsmWithOid(String str, String str2, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        boolean z = false;
        if (DigestObjectIdentifiers.sm3.getId().equalsIgnoreCase(str)) {
            if (SM2ObjectIdentifiers.sm2256Alg.getId().equalsIgnoreCase(str2)) {
                z = GMSSLSM2SignUtils.verifyByYunhsm(publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            }
        } else if (DigestObjectIdentifiers.id_sha1.getId().equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
        } else if (DigestObjectIdentifiers.id_sha256.getId().equalsIgnoreCase(str)) {
            if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str2)) {
                z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            } else if (NISTObjectIdentifiers.nist256.getId().equalsIgnoreCase(str2)) {
                z = GMSSLECSignUtils.verifyByYunHsm(publicKey, bArr, bArr2, GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName());
            }
        }
        return z;
    }

    public static boolean verifyByBCWithOid(String str, String str2, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        boolean z = false;
        if (DigestObjectIdentifiers.sm3.getId().equalsIgnoreCase(str)) {
            if (SM2ObjectIdentifiers.sm2256Alg.getId().equalsIgnoreCase(str2)) {
                z = GMSSLSM2SignUtils.verifyByBC(publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            }
        } else if (DigestObjectIdentifiers.id_sha1.getId().equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
        } else if (DigestObjectIdentifiers.id_sha256.getId().equalsIgnoreCase(str)) {
            if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str2)) {
                z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            } else if (NISTObjectIdentifiers.nist256.getId().equalsIgnoreCase(str2)) {
                z = GMSSLBCSignUtils.verifySignature(GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName(), publicKey, bArr, bArr2);
            }
        }
        return z;
    }

    public static boolean verifyCertByBC(String str, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        boolean z = false;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(str)) {
            z = GMSSLSM2SignUtils.verifyByBC(publicKey, bArr2, bArr);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, bArr2, bArr);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, bArr2, bArr);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(str)) {
            z = GMSSLBCSignUtils.verifySignature(GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName(), publicKey, bArr2, bArr);
        }
        return z;
    }

    public static boolean verifyCertByBCWithOid(String str, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        boolean z = false;
        if (SM2ObjectIdentifiers.sm2SignWithSm3.getId().equalsIgnoreCase(str)) {
            z = GMSSLSM2SignUtils.verifyByBC(publicKey, bArr2, bArr);
        } else if (RsaObjectIdentifiers.sha1WithRSA.getId().equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, bArr2, bArr);
        } else if (RsaObjectIdentifiers.sha256WithRSA.getId().equalsIgnoreCase(str)) {
            z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, bArr2, bArr);
        } else if (NISTObjectIdentifiers.nistSignAlgorithm.getId().equalsIgnoreCase(str)) {
            z = GMSSLBCSignUtils.verifySignature(GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName(), publicKey, bArr2, bArr);
        }
        return z;
    }

    public static boolean verifyByBCWithAlgId(int i, int i2, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        boolean z = false;
        if (KeyAlgEnum.RSA.value == i2) {
            if (DigestAlgEnum.SHA1.value == i) {
                z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            } else if (DigestAlgEnum.SHA256.value == i) {
                z = GMSSLRSASignUtils.verifyByBC(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            }
        } else if (KeyAlgEnum.SM2.value == i2) {
            if (DigestAlgEnum.SM3.value == i) {
                z = GMSSLSM2SignUtils.verifyByBC(publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            }
        } else if (KeyAlgEnum.NISTP256.value == i2 && DigestAlgEnum.NISTP256.value == i) {
            z = GMSSLBCSignUtils.verifySignature(GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName(), publicKey, bArr, bArr2);
        }
        return z;
    }

    public static boolean verifyByYunHsmWithAlgId(int i, int i2, PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        boolean z = false;
        if (KeyAlgEnum.RSA.value == i2) {
            if (DigestAlgEnum.SHA1.value == i) {
                z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            } else if (DigestAlgEnum.SHA256.value == i) {
                z = GMSSLRSASignUtils.verifyByYunHsm(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            }
        } else if (KeyAlgEnum.SM2.value == i2) {
            if (DigestAlgEnum.SM3.value == i) {
                z = GMSSLSM2SignUtils.verifyByYunhsm(publicKey, Base64.toBase64String(bArr), Base64.toBase64String(bArr2));
            }
        } else if (KeyAlgEnum.NISTP256.value == i2) {
            z = GMSSLECSignUtils.verifyByYunHsm(publicKey, bArr, bArr2, GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName());
        }
        return z;
    }

    public static String signByYunHsm(String str, int i, String str2, String str3) throws Exception {
        String str4 = null;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(str)) {
            str4 = GMSSLSM2SignUtils.signByYunhsm(i, str2, str3);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(str)) {
            str4 = GMSSLRSASignUtils.signByYunHsm(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), i, str2, str3);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(str)) {
            str4 = GMSSLRSASignUtils.signByYunHsm(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), i, str2, str3);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(str)) {
            str4 = Base64.toBase64String(GMSSLECSignUtils.signByYunHsm(i, str2, Base64.decode(str3), GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName()));
        }
        return str4;
    }

    public static String signByBC(String str, byte[] bArr, String str2) throws Exception {
        String str3 = null;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(str)) {
            PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(bArr);
            str3 = GMSSLSM2SignUtils.signByBC(KeyFactory.getInstance(privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm().getId(), (Provider) new BouncyCastleProvider()).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded())), str2);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(str)) {
            str3 = GMSSLRSASignUtils.signByBC(GMSSLSignatureAlgorithm.SHA1_WITH_RSA.getSigAlgName(), RSAPrivateKeyImpl.parseKey(new DerValue(bArr)), str2);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(str)) {
            str3 = GMSSLRSASignUtils.signByBC(GMSSLSignatureAlgorithm.SHA256_WITH_RSA.getSigAlgName(), RSAPrivateKeyImpl.parseKey(new DerValue(bArr)), str2);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(str)) {
            PrivateKeyInfo privateKeyInfo2 = PrivateKeyInfo.getInstance(bArr);
            str3 = Base64.toBase64String(GMSSLBCSignUtils.generateSignature(GMSSLSignatureAlgorithm.SHA256_WITH_ECDSA.getSigAlgName(), KeyFactory.getInstance(privateKeyInfo2.getPrivateKeyAlgorithm().getAlgorithm().getId(), (Provider) new BouncyCastleProvider()).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo2.getEncoded())), Base64.decode(str2)));
        }
        return str3;
    }

    public static String digestByYunHsm(String str, String str2) throws Exception {
        String str3 = null;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(str)) {
            str3 = GMSSLSM3DigestUtils.digestByYunhsm(str2);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(str)) {
            str3 = GMSSLSHA1DigestUtils.digestByYunHsm(str2);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(str)) {
            str3 = GMSSLSHA256DigestUtils.digestByYunHsm(str2);
        }
        return str3;
    }

    public static String digestByBC(String str, String str2) throws Exception {
        String str3 = null;
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(str)) {
            str3 = GMSSLSM3DigestUtils.digestByBC(str2);
        } else if (Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA1_WHIT_RSA_2.equalsIgnoreCase(str)) {
            str3 = GMSSLSHA1DigestUtils.digestByBC(str2);
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_RSA.equalsIgnoreCase(str) || Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(str)) {
            str3 = GMSSLSHA256DigestUtils.digestByBC(str2);
        }
        return str3;
    }

    public static byte[] digestByYunHsmWithOid(String str, byte[] bArr) throws Exception {
        byte[] bArr2 = null;
        if (DigestObjectIdentifiers.sm3.getId().equalsIgnoreCase(str)) {
            bArr2 = GMSSLSM3DigestUtils.digestByYunhsm(bArr);
        } else if (DigestObjectIdentifiers.id_sha1.getId().equalsIgnoreCase(str)) {
            bArr2 = GMSSLSHA1DigestUtils.digestByYunHsm(bArr);
        } else if (DigestObjectIdentifiers.id_sha256.getId().equalsIgnoreCase(str)) {
            bArr2 = GMSSLSHA256DigestUtils.digestByYunHsm(bArr);
        }
        return bArr2;
    }

    public static byte[] digestByBCWithOid(String str, byte[] bArr) throws Exception {
        byte[] bArr2 = null;
        if (DigestObjectIdentifiers.sm3.getId().equalsIgnoreCase(str)) {
            bArr2 = GMSSLSM3DigestUtils.digestByBC(bArr);
        } else if (DigestObjectIdentifiers.id_sha1.getId().equalsIgnoreCase(str)) {
            bArr2 = GMSSLSHA1DigestUtils.digestByBC(bArr);
        } else if (DigestObjectIdentifiers.id_sha256.getId().equalsIgnoreCase(str)) {
            bArr2 = GMSSLSHA256DigestUtils.digestByBC(bArr);
        }
        return bArr2;
    }

    public static String asymmetryDecryptByYunHsm(String str, int i, String str2, String str3) throws Exception {
        String str4 = null;
        if (SM2ObjectIdentifiers.sm2256_encrypt.getId().equalsIgnoreCase(str)) {
            str4 = GMSSLSM2EncryptUtils.decryptASN1ByYunhsm(i, str2, str3);
        } else if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str)) {
        }
        return str4;
    }

    public static String asymmetryDecryptByBC(String str, byte[] bArr, String str2) throws Exception {
        String str3 = null;
        PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(bArr);
        PrivateKey generatePrivate = KeyFactory.getInstance(privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm().getId(), (Provider) new BouncyCastleProvider()).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()));
        if (SM2ObjectIdentifiers.sm2256_encrypt.getId().equalsIgnoreCase(str)) {
            str3 = GMSSLSM2EncryptUtils.decryptASN1ByBC(generatePrivate, str2);
        } else if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str)) {
            str3 = GMSSLRSAEncryptUtils.decryptDataPKCS1ByBC(generatePrivate, str2);
        }
        return str3;
    }

    public static String symmetryDecryptByYunHsm(String str, String str2, String str3) throws Exception {
        String str4 = null;
        if (SymmetryObjectIdentifiers.sm4.getId().equalsIgnoreCase(str)) {
            str4 = GMSSLSM4ECBEncryptUtils.decryptByYumhsmWithPKCS7Padding(str2, str3);
        } else if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str)) {
        }
        return str4;
    }

    public static String symmetryDecryptByBC(String str, String str2, String str3, String str4) throws Exception {
        String str5 = null;
        if (SymmetryObjectIdentifiers.sm4.getId().equalsIgnoreCase(str)) {
            str5 = Constants.KEY_ALG_NAME_SM2.equalsIgnoreCase(str4) ? GMSSLSM4ECBEncryptUtils.decryptByBCWithNoPadding(str2, str3) : GMSSLSM4ECBEncryptUtils.decryptByBCWithPKCS5Padding(str2, str3);
        } else if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str)) {
        }
        return str5;
    }

    public static void openHttpsPortByBC(String str, List<X509Certificate> list, X509Certificate x509Certificate, X509Certificate x509Certificate2, byte[] bArr, byte[] bArr2, String str2, int i) throws Exception {
        PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(bArr);
        PrivateKey generatePrivate = KeyFactory.getInstance(privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm().getId()).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()));
        PrivateKeyInfo privateKeyInfo2 = PrivateKeyInfo.getInstance(bArr);
        PrivateKey generatePrivate2 = KeyFactory.getInstance(privateKeyInfo2.getPrivateKeyAlgorithm().getAlgorithm().getId()).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo2.getEncoded()));
        if (SM2ObjectIdentifiers.sm2256.getId().equalsIgnoreCase(str)) {
            GMSSLTomcatUtils.openHttpsPortByBC(list, x509Certificate, x509Certificate2, generatePrivate, generatePrivate2, str2, i);
        } else if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str)) {
            GMSSLTomcatUtils.openHttpsPortByJKSWithRSA(list, x509Certificate, x509Certificate2, generatePrivate, generatePrivate2, str2, i);
        } else {
            GMSSLTomcatUtils.openHttpsPortByJKSWithNIST(list, x509Certificate, generatePrivate, i);
        }
    }

    public static void openHttpsPortByYunHsm(String str, X509Certificate x509Certificate, X509Certificate x509Certificate2, X509Certificate x509Certificate3, int i, String str2, String str3, int i2) throws Exception {
        if (SM2ObjectIdentifiers.sm2256.getId().equalsIgnoreCase(str)) {
            GMSSLTomcatUtils.openHttpsPortByYunHsm(x509Certificate, x509Certificate2, x509Certificate3, i, str2, str3, i2);
        } else {
            if (RsaObjectIdentifiers.rsaAlg.getId().equalsIgnoreCase(str)) {
            }
        }
    }

    public static void verifyP10ByYunHsm(String str) throws Exception {
        GMSSLP10Utils.decodeP10VerifyByYunhsm(str);
    }

    public static void verifyP10ByBC(String str) throws Exception {
        GMSSLP10Utils.decodeP10VerifyByBC(str);
    }

    public static void main(String[] strArr) throws Exception {
        KeyPair generateSM2KeyPair = GMSSLX509Utils.generateSM2KeyPair();
        PrivateKey privateKey = generateSM2KeyPair.getPrivate();
        PublicKey publicKey = generateSM2KeyPair.getPublic();
        byte[] bytes = "test".getBytes();
        Base64.toBase64String(bytes);
        privateKeyDecryptDate(privateKey, Base64.decode(Base64.toBase64String(publicKeyEncryptDate(publicKey, bytes))));
    }

    static {
        if (null == Security.getProvider("BC")) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
