package ccit.security.bssp;

import ccit.security.bssp.base.CertParseBase;
import ccit.security.bssp.base.DigestBase;
import ccit.security.bssp.base.EcryptBase;
import ccit.security.bssp.base.SignBase;
import ccit.security.bssp.bean.CERT_INFO;
import ccit.security.bssp.bean.KeyPairInfo;
import ccit.security.bssp.bean.RSAKeyPair;
import ccit.security.bssp.common.ErrorConstant;
import ccit.security.bssp.common.TypeConstant;
import ccit.security.bssp.ex.CCITSecurityException;
import ccit.security.bssp.ex.CrypException;
import ccit.security.bssp.sm2.Cryption;
import ccit.security.bssp.sm2.KeyPair;
import ccit.security.bssp.sm2.Randoms;
import ccit.security.bssp.sm2.SM2PrivateKeyDer;
import ccit.security.bssp.sm2.SM2PublicKeyDer;
import ccit.security.bssp.sm2.SM3Hash;
import ccit.security.bssp.sm2.SMS4;
import ccit.security.bssp.sm2.Signature;
import ccit.security.bssp.util.Constants;
import ccit.security.bssp.util.MAC;
import ccit.security.bssp.util.MiscTools;
import ccit.security.bssp.util.ParseCertExtUtil;
import ccit.security.bssp.util.ParseCertUtil;
import ccit.security.bssp.util.Resource;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Enumeration;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:ccit/security/bssp/CAUtility.class */
public class CAUtility {
    public static CAUtility getInstance() {
        return new CAUtility();
    }

    public static byte[] ASymEncOrDec(int i, byte[] bArr, boolean z, byte[] bArr2) throws CrypException {
        String str;
        byte[] checkPEM;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! The data to be encrypted or decrypted cann't be null!");
        }
        if (!z && (checkPEM = MiscTools.checkPEM(bArr2)) != null) {
            bArr2 = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr);
        if (checkPEM2 != null) {
            bArr = Base64.decode(checkPEM2);
        }
        if (i == 1) {
            str = "RSA/ECB/PKCS1Padding";
        } else {
            if (i != 2) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, ErrorConstant.DE_CE_ALGRITHM_UNSPPORT);
            }
            str = "RSA/ECB/NoPadding";
        }
        return EcryptBase.crypto(str, bArr, z, bArr2);
    }

    public static byte[] base64Decode(byte[] bArr) throws CrypException {
        return Base64.decode(bArr);
    }

    public static byte[] base64Encode(byte[] bArr) throws CrypException {
        return Base64.encode(bArr);
    }

    public static byte[] cryption(int i, byte[] bArr, boolean z, byte[] bArr2) throws CrypException {
        String str;
        byte[] checkPEM;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! The data to be encrypted or decrypted cann't be null!");
        }
        if (!z && (checkPEM = MiscTools.checkPEM(bArr2)) != null) {
            bArr2 = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr);
        if (checkPEM2 != null) {
            bArr = Base64.decode(checkPEM2);
        }
        if (i == 1) {
            str = "RSA/ECB/PKCS1Padding";
        } else {
            if (i != 2) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, ErrorConstant.DE_CE_ALGRITHM_UNSPPORT);
            }
            str = "RSA/ECB/NoPadding";
        }
        return EcryptBase.crypto(str, bArr, z, bArr2);
    }

    public static byte[] digest(byte[] bArr, int i) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_DIGEST_FAIL, "Digest failed! Data to be digested cann't be null!");
        }
        return DigestBase.digest(bArr, i);
    }

    public static byte[] EccSign(int i, byte[] bArr, byte[] bArr2) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! privateKey cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The data to be signed cann't be null!");
        }
        Signature signature = new Signature();
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            if (i != 260) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, "Algorithm unsupported!");
            }
            return signature.Sm2Sign(bArr2, Constants.UserID.getBytes("GB2312"), SM2PrivateKeyDer.sm2PrivateKeyDerDecode(bArr), null);
        } catch (Exception e) {
            throw new CrypException(e.getMessage(), e);
        }
    }

    public static String SM2EncOrDec(boolean z, String str, String str2) throws Exception {
        if (isEmpty(str)) {
            throw new Exception("keyData is null");
        }
        if (isEmpty(str2)) {
            throw new Exception("indata is null");
        }
        try {
            if (!z) {
                return new String(Cryption.SM2Decrypt(Base64.decode(str2.getBytes()), SM2PrivateKeyDer.sm2PrivateKeyDerDecode(Base64.decode(str))));
            }
            return new String(Base64.encode(Cryption.SM2Encrypt(str2.getBytes(), SM2PublicKeyDer.sm2PubkeyDerDecode(Base64.decode(str)), Randoms.getRandom())));
        } catch (Exception e) {
            throw e;
        }
    }

    public static boolean isCert(String str) {
        boolean z = false;
        try {
        } catch (Exception e) {
            z = false;
        }
        if (isEmpty(str)) {
            throw new Exception("cert is null");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str));
        ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
        ASN1Sequence readObject = aSN1InputStream.readObject();
        aSN1InputStream.close();
        byteArrayInputStream.close();
        if (new X509CertificateStructure(readObject) != null) {
            z = true;
        }
        return z;
    }

    private static boolean isEmpty(String str) {
        return str == null || "".equals(str.trim());
    }

    public static int EccVerifySign(int i, byte[] bArr, byte[] bArr2, byte[] bArr3) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! publicKey cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The data to be signed cann't be null!");
        }
        if (bArr3 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The signed data cann't be null!");
        }
        Signature signature = new Signature();
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr3);
        if (checkPEM2 != null) {
            bArr3 = Base64.decode(checkPEM2);
        }
        try {
            if (i != 260) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, "Algorithm unsupported!");
            }
            return signature.VerifySm2SignatureByPubKey(SM2PublicKeyDer.sm2PubkeyDerDecode(bArr), bArr3, bArr2);
        } catch (Exception e) {
            throw new CrypException(e.getMessage(), e);
        }
    }

    public static int EccVerifySignByCert(int i, byte[] bArr, byte[] bArr2, byte[] bArr3) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The data to be signed cann't be null!");
        }
        if (bArr3 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The signed data cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr3);
        if (checkPEM2 != null) {
            bArr3 = Base64.decode(checkPEM2);
        }
        try {
            Signature signature = new Signature();
            CERT_INFO cert_info = new CERT_INFO(bArr);
            if (i != 260) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, "Algorithm unsupported!");
            }
            return signature.VerifySm2SignatureByPubKey(SM2PublicKeyDer.sm2PubkeyDerDecode(cert_info.getPublicKey()), bArr3, bArr2);
        } catch (Exception e) {
            throw new CrypException(e.getMessage(), e);
        }
    }

    public static KeyPairInfo genEccKeyPair() {
        KeyPairInfo keyPairInfo = null;
        byte[] GenSM2KeyPair = KeyPair.GenSM2KeyPair(Randoms.getRandom());
        String str = new String(Base64.encode(SM2PrivateKeyDer.sm2PrivateKeyDerEncode(GenSM2KeyPair, KeyPair.GetPrivateKey())));
        String str2 = new String(Base64.encode(SM2PublicKeyDer.sm2PubKeyDerEncode(GenSM2KeyPair)));
        if (str != null && !"".equals(str) && str2 != null && !"".equals(str2)) {
            keyPairInfo = new KeyPairInfo();
            keyPairInfo.setPrivateKey(str);
            keyPairInfo.setPublicKey(str2);
        }
        return keyPairInfo;
    }

    public static RSAKeyPair generateRSAKeyPair(int i) throws CrypException {
        RSAKeyPair rSAKeyPair = new RSAKeyPair();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(i);
            java.security.KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            RSAPublicKey rSAPublicKey = (RSAPublicKey) generateKeyPair.getPublic();
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) generateKeyPair.getPrivate();
            byte[] encoded = rSAPublicKey.getEncoded();
            byte[] encoded2 = rSAPrivateKey.getEncoded();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encoded);
            ASN1Sequence readObject = new ASN1InputStream(byteArrayInputStream).readObject();
            byteArrayInputStream.close();
            DERBitString dERBitString = DERBitString.getInstance(readObject.getObjectAt(1));
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(encoded2);
            ASN1Sequence readObject2 = new ASN1InputStream(byteArrayInputStream2).readObject();
            byteArrayInputStream2.close();
            rSAKeyPair.setPrikeyDERString(DEROctetString.getInstance(readObject2.getObjectAt(2)).getOctets());
            rSAKeyPair.setPubkeyDERString(dERBitString.getBytes());
            rSAKeyPair.setPubkey(rSAPublicKey);
            return rSAKeyPair;
        } catch (InvalidParameterException e) {
            throw new CrypException(ErrorConstant.CE_MODULUS_UNSPPORT, ErrorConstant.DE_CE_MODULUS_UNSPPORT + e.getMessage());
        } catch (Exception e2) {
            throw new CrypException(ErrorConstant.CE_FAIL, ErrorConstant.DE_CE_FAIL + e2.getMessage());
        }
    }

    public static byte[] getCertExtInfoString(byte[] bArr, String str) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_FAIL, "Operation failed! certificat cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            return new ParseCertExtUtil(new ParseCertUtil(bArr).getExtensions()).getExtSelfDefineExt(str);
        } catch (Exception e) {
            throw new CrypException("Operation failed! Parse Certificate Extension error", e);
        }
    }

    public static CERT_INFO getCertInfo(byte[] bArr) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_FAIL, "Operation failed! certificat cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        return new CERT_INFO(bArr);
    }

    public static byte[] mac(int i, String str, byte[] bArr) throws CCITSecurityException {
        MAC mac = new MAC(i, str);
        mac.update(bArr);
        return mac.doFinal();
    }

    public static String SM3Hash(String str) throws Exception {
        if (isEmpty(str)) {
            throw new Exception("indata is null");
        }
        return new String(Base64.encode(SM3Hash.GetHashValue(str.getBytes())));
    }

    public static byte[] SMS4_ECB(boolean z, byte[] bArr, byte[] bArr2) throws Exception {
        if (bArr == null) {
            throw new Exception("keyData is null");
        }
        if (bArr2 == null) {
            throw new Exception("indata is null");
        }
        if (z) {
            try {
                return Base64.encode(new SMS4().sms4encodeecbpkcs5padding(bArr2, bArr));
            } catch (Exception e) {
                e.printStackTrace();
                throw e;
            }
        }
        byte[] bArr3 = (byte[]) null;
        try {
            bArr3 = new SMS4().sms4decodeecbpkcs5padding(Base64.decode(bArr2), bArr);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return bArr3;
    }

    public static byte[] symCrypto(int i, byte[] bArr, boolean z, byte[] bArr2, byte[] bArr3) throws CrypException {
        byte[] SymCryptoIDEA;
        byte[] checkPEM;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! The data to be encrypted or decrypted cann't be null!");
        }
        if (!z && (checkPEM = MiscTools.checkPEM(bArr2)) != null) {
            bArr2 = Base64.decode(checkPEM);
        }
        try {
            if (i == 1282) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/ECB/PKCS5Padding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1313) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/ECB/NoPadding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1314) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/CBC/PKCS5Padding", bArr, z, bArr2, bArr3);
            } else if (i == 1315) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/CBC/NoPadding", bArr, z, bArr2, bArr3);
            } else if (i == 1281) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/ECB/PKCS5Padding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1297) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/ECB/NoPadding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1298) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/CBC/PKCS5Padding", bArr, z, bArr2, bArr3);
            } else if (i == 1299) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/CBC/NoPadding", bArr, z, bArr2, bArr3);
            } else if (i == 1285) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/ECB/PKCS5Padding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1361) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/ECB/NoPadding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1362) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/CBC/PKCS5Padding", bArr, z, bArr2, bArr3);
            } else if (i == 1363) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/CBC/NoPadding", bArr, z, bArr2, bArr3);
            } else if (i == 1283) {
                SymCryptoIDEA = EcryptBase.SymCryptoSDBI("SDBI", new String(bArr), z, bArr2);
            } else {
                if (i != 1284) {
                    throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, ErrorConstant.DE_CE_ALGRITHM_UNSPPORT);
                }
                SymCryptoIDEA = EcryptBase.SymCryptoIDEA("IDEA", bArr, z, bArr2);
            }
            return SymCryptoIDEA;
        } catch (CrypException e) {
            throw e;
        } catch (Exception e2) {
            throw new CrypException(ErrorConstant.CE_DECRYPT_FAIL, "Encryption or decryption failed!" + e2.getMessage());
        }
    }

    public static boolean verifyCertificateByCrl(byte[] bArr, byte[] bArr2) throws CCITSecurityException {
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr2);
        if (checkPEM2 != null) {
            bArr2 = Base64.decode(checkPEM2);
        }
        return CertParseBase.verifyCertificateByCrl(bArr, bArr2);
    }

    public static byte[] SymEncOrDec(int i, byte[] bArr, boolean z, byte[] bArr2, byte[] bArr3) throws CrypException {
        byte[] SymCryptoIDEA;
        byte[] checkPEM;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! The data to be encrypted or decrypted cann't be null!");
        }
        if (!z && (checkPEM = MiscTools.checkPEM(bArr2)) != null) {
            bArr2 = Base64.decode(checkPEM);
        }
        try {
            if (i == 1282) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/ECB/PKCS5Padding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1313) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/ECB/NoPadding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1314) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/CBC/PKCS5Padding", bArr, z, bArr2, bArr3);
            } else if (i == 1315) {
                SymCryptoIDEA = EcryptBase.symCrypto3DES("DESede/CBC/NoPadding", bArr, z, bArr2, bArr3);
            } else if (i == 1281) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/ECB/PKCS5Padding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1297) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/ECB/NoPadding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1298) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/CBC/PKCS5Padding", bArr, z, bArr2, bArr3);
            } else if (i == 1299) {
                SymCryptoIDEA = EcryptBase.symCryptoDES("DES/CBC/NoPadding", bArr, z, bArr2, bArr3);
            } else if (i == 1285) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/ECB/PKCS5Padding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1361) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/ECB/NoPadding", bArr, z, bArr2, (byte[]) null);
            } else if (i == 1362) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/CBC/PKCS5Padding", bArr, z, bArr2, bArr3);
            } else if (i == 1363) {
                SymCryptoIDEA = EcryptBase.symCryptoAES("AES/CBC/NoPadding", bArr, z, bArr2, bArr3);
            } else if (i == 1283) {
                SymCryptoIDEA = EcryptBase.SymCryptoSDBI("SDBI", new String(bArr), z, bArr2);
            } else {
                if (i != 1284) {
                    throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, ErrorConstant.DE_CE_ALGRITHM_UNSPPORT);
                }
                SymCryptoIDEA = EcryptBase.SymCryptoIDEA("IDEA", bArr, z, bArr2);
            }
            return SymCryptoIDEA;
        } catch (CrypException e) {
            throw e;
        } catch (Exception e2) {
            throw new CrypException(ErrorConstant.CE_DECRYPT_FAIL, "Encryption or decryption failed!" + e2.getMessage());
        }
    }

    public static int verify(int i, byte[] bArr, byte[] bArr2, byte[] bArr3) throws CrypException {
        String str;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The data to be signed cann't be null!");
        }
        if (bArr3 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The signed data cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr3);
        if (checkPEM2 != null) {
            bArr3 = Base64.decode(checkPEM2);
        }
        if (i == 257) {
            str = "MD2WITHRSA";
        } else if (i == 258) {
            str = "MD5WITHRSA";
        } else if (i == 259) {
            str = "SHA1WITHRSA";
        } else {
            if (i != 261) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, ErrorConstant.DE_CE_ALGRITHM_UNSPPORT);
            }
            str = "SHA256WITHRSA";
        }
        return SignBase.verify(str, bArr, bArr2, bArr3);
    }

    public static int verifyCert(byte[] bArr, byte[] bArr2) throws CrypException {
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! certificat to be verified cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Operation failed! The verify cert cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr2);
        if (checkPEM2 != null) {
            bArr2 = Base64.decode(checkPEM2);
        }
        return new CertParseBase().VerifyCert(bArr, bArr2);
    }

    public static int verifyWithCert(int i, byte[] bArr, byte[] bArr2, byte[] bArr3) throws CrypException {
        String str;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The data to be signed cann't be null!");
        }
        if (bArr3 == null) {
            throw new CrypException(ErrorConstant.CE_VERIFY_FAIL, "Verify failed! The signed data cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        byte[] checkPEM2 = MiscTools.checkPEM(bArr3);
        if (checkPEM2 != null) {
            bArr3 = Base64.decode(checkPEM2);
        }
        if (i == 257) {
            str = "MD2WITHRSA";
        } else if (i == 258) {
            str = "MD5WITHRSA";
        } else if (i == 259) {
            str = "SHA1WITHRSA";
        } else {
            if (i != 261) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, ErrorConstant.DE_CE_ALGRITHM_UNSPPORT);
            }
            str = "SHA256WITHRSA";
        }
        return SignBase.verifyWithCert(str, bArr, bArr2, bArr3);
    }

    public static byte[] RsaSign(int i, byte[] bArr, byte[] bArr2) throws CrypException {
        String str;
        if (bArr == null) {
            throw new CrypException(ErrorConstant.CE_SIGN_FAIL, "Sign failed! Key cann't be null!");
        }
        if (bArr2 == null) {
            throw new CrypException(ErrorConstant.CE_SIGN_FAIL, "Sign failed! The data to be signed cann't be null!");
        }
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        if (i == 257) {
            str = "MD2WITHRSA";
        } else if (i == 258) {
            str = "MD5WITHRSA";
        } else if (i == 259) {
            str = "SHA1WITHRSA";
        } else {
            if (i != 261) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, "Algorithm unsupported!");
            }
            str = "SHA256WITHRSA";
        }
        return SignBase.sign(str, bArr, bArr2);
    }

    public static byte[] RsaSignByP12(int i, byte[] bArr) throws CryptoException {
        try {
            if (bArr == null) {
                throw new CryptoException("indata is null");
            }
            String value = Resource.getValue(Constants.P12_CERT);
            String value2 = Resource.getValue(Constants.P12_PINCODE);
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            FileInputStream fileInputStream = new FileInputStream(value);
            char[] charArray = (value2 == null || value2.trim().equals("")) ? (char[]) null : value2.toCharArray();
            keyStore.load(fileInputStream, charArray);
            fileInputStream.close();
            Enumeration<String> aliases = keyStore.aliases();
            String str = null;
            if (aliases.hasMoreElements()) {
                str = aliases.nextElement();
            }
            String str2 = new String(Base64.encode(((PrivateKey) keyStore.getKey(str, charArray)).getEncoded()));
            if (i != 257 && i != 258 && i != 259 && i != 261) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, "Algorithm unsupported!");
            }
            byte[] RsaSign = RsaSign(i, removePrikeyHead(str2).getBytes(), bArr);
            if (RsaSign == null) {
                throw new CryptoException("signtedate is null");
            }
            return RsaSign;
        } catch (CrypException e) {
            e.printStackTrace();
            throw new CryptoException(e.getMessage());
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new CryptoException(e2.getMessage());
        }
    }

    private static String removePrikeyHead(String str) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str));
            ASN1Sequence readObject = new ASN1InputStream(byteArrayInputStream).readObject();
            byteArrayInputStream.close();
            str = new String(Base64.encode(DEROctetString.getInstance(readObject.getObjectAt(2)).getOctets()));
        } catch (IOException e) {
            e.printStackTrace();
        }
        return str;
    }

    public static byte[] RsaSignByP12Cert(int i, byte[] bArr, byte[] bArr2, String str) throws CryptoException {
        try {
            if (bArr == null) {
                throw new CryptoException("indata is null");
            }
            if (bArr2 == null) {
                throw new CryptoException("P12cert is null");
            }
            byte[] checkPEM = MiscTools.checkPEM(bArr2);
            if (checkPEM != null) {
                bArr2 = Base64.decode(checkPEM);
            }
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr2);
            char[] charArray = (str == null || str.trim().equals("")) ? (char[]) null : str.toCharArray();
            keyStore.load(byteArrayInputStream, charArray);
            byteArrayInputStream.close();
            Enumeration<String> aliases = keyStore.aliases();
            String str2 = null;
            if (aliases.hasMoreElements()) {
                str2 = aliases.nextElement();
            }
            String str3 = new String(Base64.encode(((PrivateKey) keyStore.getKey(str2, charArray)).getEncoded()));
            if (i != 257 && i != 258 && i != 259 && i != 261) {
                throw new CrypException(ErrorConstant.CE_ALGRITHM_UNSPPORT, "Algorithm unsupported!");
            }
            byte[] RsaSign = RsaSign(i, removePrikeyHead(str3).getBytes(), bArr);
            if (RsaSign == null) {
                throw new CryptoException("signtedate is null");
            }
            return RsaSign;
        } catch (CrypException e) {
            e.printStackTrace();
            throw new CryptoException(e.getMessage());
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new CryptoException(e2.getMessage());
        }
    }

    public static void main(String[] strArr) throws CryptoException {
        System.out.println(new String(Base64.encode(RsaSignByP12(TypeConstant.CA_SHA256WITHRSA, "11111111".getBytes()))));
    }
}
