package com.wangyin.key.server.util;

import com.wangyin.key.server.exception.AksExceptionEnum;
import com.wangyin.key.server.exception.KeyException;
import com.wangyin.key.server.model.AlgEnum;
import com.wangyin.key.server.model.ModeEnum;
import com.wangyin.key.server.model.PaddingEnum;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.BigIntegers;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/wangyin/key/server/util/PKIHelper.class */
public class PKIHelper {
    private static final Logger LOGGER = LoggerFactory.getLogger(PKIHelper.class);

    public static AKSCertInfo getCertInfo(byte[] bArr) {
        X509Certificate parseCert = parseCert(bArr);
        if (parseCert == null) {
            throw new KeyException(AksExceptionEnum.AKS_99_00043.getCode(), AksExceptionEnum.AKS_99_00043.getDesc());
        }
        AKSCertInfo aKSCertInfo = new AKSCertInfo();
        Date date = new Date();
        try {
            aKSCertInfo.setCertB64(DatatypeConverter.printBase64Binary(parseCert.getEncoded()));
        } catch (CertificateEncodingException e) {
            LOGGER.warn("getCertInfo CertificateEncodingException");
        }
        aKSCertInfo.setCertDN(parseCert.getSubjectDN().getName());
        aKSCertInfo.setCertSN(ByteUtil.bytesToHexString(parseCert.getSerialNumber().toByteArray()).toUpperCase());
        aKSCertInfo.setCertIDN(parseCert.getIssuerDN().getName());
        aKSCertInfo.setCertResidualTime((((parseCert.getNotAfter().getTime() - date.getTime()) / 1000) / 3600) / 24);
        return aKSCertInfo;
    }

    public static X509Certificate parseCert(byte[] bArr) {
        ByteArrayInputStream certToInput = certToInput(bArr);
        if (certToInput == null) {
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(certToInput);
        } catch (CertificateException e) {
            try {
                return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(certToInput(bArr));
            } catch (Exception e2) {
                LOGGER.warn("X509证书初始化失败, cert is {}", DatatypeConverter.printBase64Binary(bArr));
                return null;
            }
        }
    }

    private static ByteArrayInputStream certToInput(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        try {
            String str = new String(bArr, "UTF-8");
            return (!(str.startsWith("-----BEGIN CERTIFICATE-----") && str.endsWith("-----END CERTIFICATE-----")) && !(str.startsWith("-----BEGIN X509 CERTIFICATE-----") && str.endsWith("-----END X509 CERTIFICATE-----")) && StringUtil.isBase64(bArr)) ? new ByteArrayInputStream(DatatypeConverter.parseBase64Binary(str)) : new ByteArrayInputStream(bArr);
        } catch (Exception e) {
            LOGGER.warn("certToInputStream error, cert is {}", DatatypeConverter.printBase64Binary(bArr));
            return null;
        }
    }

    public static boolean certIsExpire(byte[] bArr) {
        return certIsExpire(parseCert(bArr));
    }

    public static boolean certIsExpire(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return true;
        }
        return new Date().getTime() > x509Certificate.getNotAfter().getTime();
    }

    public static String getPubKeyStringForSM2(String str, byte[] bArr) {
        byte[] pubKeyForSM2 = getPubKeyForSM2(bArr);
        ByteBuffer allocate = ByteBuffer.allocate(9 + pubKeyForSM2.length);
        allocate.put(new byte[]{1, 19, 0});
        allocate.put(str.replace("_13_", "").getBytes());
        allocate.put(pubKeyForSM2);
        return DatatypeConverter.printBase64Binary(allocate.array());
    }

    public static byte[] getPubKeyForSM2(byte[] bArr) {
        try {
            return new ASN1InputStream(new ByteArrayInputStream(parseCert(bArr).getPublicKey().getEncoded())).readObject().getObjectAt(1).getOctets();
        } catch (Exception e) {
            LOGGER.warn("getPubKeyForSM2 error, cert is {}", DatatypeConverter.printBase64Binary(bArr));
            throw new KeyException(AksExceptionEnum.AKS_99_00089.getCode(), AksExceptionEnum.AKS_99_00089.getDesc() + e.toString() + e.getMessage());
        }
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [byte[], byte[][]] */
    public static byte[][] parseSMWebData(String str) {
        try {
            ?? r0 = new byte[4];
            byte[] parseBase64Binary = DatatypeConverter.parseBase64Binary(str);
            if (parseBase64Binary[0] != 1 || parseBase64Binary.length < 137) {
                LOGGER.warn("parseSMWebData error, data is {}", str);
                throw new KeyException(AksExceptionEnum.AKS_99_00057.getCode(), AksExceptionEnum.AKS_99_00057.getDesc() + str);
            }
            byte[] bArr = new byte[6];
            System.arraycopy(parseBase64Binary, 3, bArr, 0, bArr.length);
            r0[0] = bArr;
            byte[] bArr2 = new byte[64];
            System.arraycopy(parseBase64Binary, 9, bArr2, 0, bArr2.length);
            byte[] bArr3 = new byte[32];
            System.arraycopy(parseBase64Binary, bArr2.length + 9, bArr3, 0, bArr3.length);
            byte[] bArr4 = new byte[16];
            System.arraycopy(parseBase64Binary, bArr2.length + bArr3.length + 9, bArr4, 0, bArr4.length);
            byte[] bArr5 = new byte[16];
            System.arraycopy(parseBase64Binary, 121, bArr5, 0, bArr5.length);
            r0[1] = bArr5;
            byte[] bArr6 = new byte[parseBase64Binary.length - 137];
            System.arraycopy(parseBase64Binary, 137, bArr6, 0, bArr6.length);
            r0[2] = bArr6;
            BigInteger fromUnsignedByteArray = BigIntegers.fromUnsignedByteArray(bArr2, 0, 32);
            BigInteger fromUnsignedByteArray2 = BigIntegers.fromUnsignedByteArray(bArr2, 32, 32);
            ASN1Integer aSN1Integer = new ASN1Integer(fromUnsignedByteArray);
            ASN1Integer aSN1Integer2 = new ASN1Integer(fromUnsignedByteArray2);
            DEROctetString dEROctetString = new DEROctetString(bArr4);
            DEROctetString dEROctetString2 = new DEROctetString(bArr3);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(aSN1Integer);
            aSN1EncodableVector.add(aSN1Integer2);
            aSN1EncodableVector.add(dEROctetString2);
            aSN1EncodableVector.add(dEROctetString);
            r0[3] = new DERSequence(aSN1EncodableVector).getEncoded();
            return r0;
        } catch (Exception e) {
            LOGGER.warn("parseSMWebData error, data is {}", str, e);
            throw new KeyException(AksExceptionEnum.AKS_99_00057.getCode(), AksExceptionEnum.AKS_99_00057.getDesc() + str);
        }
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [byte[], byte[][]] */
    public static byte[][] parseSMKeyboardData(String str) {
        try {
            ?? r0 = new byte[3];
            byte[] parseBase64Binary = DatatypeConverter.parseBase64Binary(str);
            if (parseBase64Binary.length < 128) {
                LOGGER.warn("parseSMKeyboardData error, data is {}", str);
                throw new KeyException(AksExceptionEnum.AKS_99_00090.getCode(), AksExceptionEnum.AKS_99_00090.getDesc() + str);
            }
            byte[] bArr = new byte[64];
            System.arraycopy(parseBase64Binary, 0, bArr, 0, bArr.length);
            byte[] bArr2 = new byte[32];
            System.arraycopy(parseBase64Binary, bArr.length, bArr2, 0, bArr2.length);
            byte[] bArr3 = new byte[16];
            System.arraycopy(parseBase64Binary, bArr.length + bArr2.length, bArr3, 0, bArr3.length);
            byte[] bArr4 = new byte[16];
            System.arraycopy(parseBase64Binary, 112, bArr4, 0, bArr4.length);
            r0[0] = bArr4;
            byte[] bArr5 = new byte[parseBase64Binary.length - 128];
            System.arraycopy(parseBase64Binary, 128, bArr5, 0, bArr5.length);
            r0[1] = bArr5;
            BigInteger fromUnsignedByteArray = BigIntegers.fromUnsignedByteArray(bArr, 0, 32);
            BigInteger fromUnsignedByteArray2 = BigIntegers.fromUnsignedByteArray(bArr, 32, 32);
            ASN1Integer aSN1Integer = new ASN1Integer(fromUnsignedByteArray);
            ASN1Integer aSN1Integer2 = new ASN1Integer(fromUnsignedByteArray2);
            DEROctetString dEROctetString = new DEROctetString(bArr3);
            DEROctetString dEROctetString2 = new DEROctetString(bArr2);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(aSN1Integer);
            aSN1EncodableVector.add(aSN1Integer2);
            aSN1EncodableVector.add(dEROctetString2);
            aSN1EncodableVector.add(dEROctetString);
            r0[2] = new DERSequence(aSN1EncodableVector).getEncoded();
            return r0;
        } catch (Exception e) {
            LOGGER.warn("parseSMKeyboardData error, data is {}", str, e);
            throw new KeyException(AksExceptionEnum.AKS_99_00090.getCode(), AksExceptionEnum.AKS_99_00090.getDesc() + str);
        }
    }

    public static Cipher getCipherBC(AlgEnum algEnum, ModeEnum modeEnum, PaddingEnum paddingEnum) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException {
        return Cipher.getInstance(CryptUtil.getAlgorithmString(algEnum, modeEnum, paddingEnum), "BC");
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
