package com.xdja.pki.ra.core.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.util.Enumeration;
import javax.crypto.Cipher;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMDecryptorProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:WEB-INF/lib/ra-core-0.0.1-SNAPSHOT.jar:com/xdja/pki/ra/core/util/SignUtils.class */
public class SignUtils {
    public static String sign(String str, PrivateKey privateKey, String str2) {
        try {
            Signature signature = Signature.getInstance(str, "BC");
            signature.initSign(privateKey);
            signature.update(str2.getBytes());
            return new String(Base64.encode(signature.sign()));
        } catch (Exception e) {
            throw new RuntimeException("签名失败", e);
        }
    }

    public static boolean verify(String str, PublicKey publicKey, String str2, String str3) throws Exception {
        Signature signature = Signature.getInstance(str, "BC");
        signature.initVerify(publicKey);
        signature.update(str2.getBytes());
        return signature.verify(Base64.decode(str3.getBytes()));
    }

    public static String encryption(String str, Key key, String str2) throws Exception {
        Cipher cipher = Cipher.getInstance(str, "BC");
        cipher.init(1, key);
        return new String(Base64.encode(cipher.doFinal(str2.getBytes())));
    }

    public static String hash(int i, String str) throws Exception {
        SM3Digest sHA256Digest;
        switch (i) {
            case 1:
                sHA256Digest = new SM3Digest();
                break;
            case 2:
                sHA256Digest = new SHA1Digest();
                break;
            case 3:
                sHA256Digest = new SHA256Digest();
                break;
            default:
                throw new RuntimeException("不支持的hash算法id:" + i);
        }
        byte[] bytes = str.getBytes();
        sHA256Digest.update(bytes, 0, bytes.length);
        byte[] bArr = new byte[sHA256Digest.getDigestSize()];
        sHA256Digest.doFinal(bArr, 0);
        return new String(Base64.encode(bArr));
    }

    public static PrivateKey getPrivateKey(String str) throws Exception {
        if (!new File(str).exists()) {
            throw new FileNotFoundException("文件不存在");
        }
        PEMParser pEMParser = new PEMParser(new FileReader(str));
        Object readObject = pEMParser.readObject();
        pEMParser.close();
        PEMDecryptorProvider build = new JcePEMDecryptorProviderBuilder().build((char[]) null);
        JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider("BC");
        return (readObject instanceof PEMEncryptedKeyPair ? provider.getKeyPair(((PEMEncryptedKeyPair) readObject).decryptKeyPair(build)) : provider.getKeyPair((PEMKeyPair) readObject)).getPrivate();
    }

    public static PrivateKey getPrivateKeyFromP12(String str, char[] cArr) throws Exception {
        if (!new File(str).exists()) {
            throw new FileNotFoundException("文件不存在");
        }
        KeyStore keyStore = KeyStore.getInstance("PKCS12", (Provider) new BouncyCastleProvider());
        keyStore.load(new FileInputStream(str), cArr);
        Enumeration<String> aliases = keyStore.aliases();
        PrivateKey privateKey = null;
        while (true) {
            PrivateKey privateKey2 = privateKey;
            if (!aliases.hasMoreElements()) {
                return privateKey2;
            }
            privateKey = (PrivateKey) keyStore.getKey(aliases.nextElement(), cArr);
        }
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
