package srvSeal;

import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;
import java.security.cert.CertStore;
import java.security.cert.CertStoreParameters;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashMap;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class CertUtil {
    public static String sign(String str, KeyStore keyStore, String str2) {
        return sign(str, keyStore, str2, ((X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement())).getSigAlgName());
    }

    public static String sign(String str, KeyStore keyStore, String str2, String str3) {
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(keyStore.aliases().nextElement(), str2.toCharArray());
        Signature signature = Signature.getInstance(str3);
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return Base64.encodeToString(signature.sign());
    }

    public static String signP7(String str, KeyStore keyStore, String str2) {
        return signP7(str, keyStore, str2, CMSSignedDataStreamGenerator.DIGEST_SHA1);
    }

    public static String signP7(String str, KeyStore keyStore, String str2, String str3) {
        CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
        String nextElement = keyStore.aliases().nextElement();
        cMSSignedDataStreamGenerator.addSigner((PrivateKey) keyStore.getKey(nextElement, str2.toCharArray()), (X509Certificate) keyStore.getCertificate(nextElement), str3, new BouncyCastleProvider());
        cMSSignedDataStreamGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", (CertStoreParameters) new CollectionCertStoreParameters(Arrays.asList(keyStore.getCertificateChain(nextElement))), (Provider) new BouncyCastleProvider()));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream open = cMSSignedDataStreamGenerator.open(byteArrayOutputStream, true);
        open.write(str.getBytes());
        open.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        PrintStream printStream = System.out;
        StringBuilder sb = new StringBuilder("签名结果的长度：");
        sb.append(byteArray.length - str.length());
        printStream.println(sb.toString());
        for (byte b : byteArray) {
            System.out.print((char) b);
        }
        System.out.println("");
        return Base64.encodeToString(byteArray);
    }

    public static String signP7(byte[] bArr, KeyStore keyStore, String str, String str2) {
        CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
        String nextElement = keyStore.aliases().nextElement();
        cMSSignedDataStreamGenerator.addSigner((PrivateKey) keyStore.getKey(nextElement, str.toCharArray()), (X509Certificate) keyStore.getCertificate(nextElement), str2, new BouncyCastleProvider());
        cMSSignedDataStreamGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", (CertStoreParameters) new CollectionCertStoreParameters(Arrays.asList(keyStore.getCertificateChain(nextElement))), (Provider) new BouncyCastleProvider()));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream open = cMSSignedDataStreamGenerator.open(byteArrayOutputStream, true);
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1", (Provider) new BouncyCastleProvider());
        messageDigest.update(bArr);
        open.write(messageDigest.digest());
        open.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return Base64.encodeToString(byteArray).replaceAll("\r\n", "");
    }

    public static byte[] signP7Bytes(byte[] bArr, KeyStore keyStore, String str) {
        return signP7Bytes(bArr, keyStore, str, CMSSignedDataStreamGenerator.DIGEST_SHA1);
    }

    public static byte[] signP7Bytes(byte[] bArr, KeyStore keyStore, String str, String str2) {
        CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
        String nextElement = keyStore.aliases().nextElement();
        cMSSignedDataStreamGenerator.addSigner((PrivateKey) keyStore.getKey(nextElement, str.toCharArray()), (X509Certificate) keyStore.getCertificate(nextElement), str2, new BouncyCastleProvider());
        cMSSignedDataStreamGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", (CertStoreParameters) new CollectionCertStoreParameters(Arrays.asList(keyStore.getCertificateChain(nextElement))), (Provider) new BouncyCastleProvider()));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream open = cMSSignedDataStreamGenerator.open(byteArrayOutputStream, true);
        open.write(bArr);
        open.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    public static byte[] signP7Detach(byte[] bArr, String str, String str2) {
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        FileInputStream fileInputStream = new FileInputStream(str);
        keyStore.load(fileInputStream, str2.toCharArray());
        fileInputStream.close();
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
        String nextElement = keyStore.aliases().nextElement();
        cMSSignedDataStreamGenerator.addSigner((PrivateKey) keyStore.getKey(nextElement, str2.toCharArray()), (X509Certificate) keyStore.getCertificate(nextElement), CMSSignedDataStreamGenerator.DIGEST_SHA1, bouncyCastleProvider);
        cMSSignedDataStreamGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", (CertStoreParameters) new CollectionCertStoreParameters(Arrays.asList(keyStore.getCertificateChain(nextElement))), (Provider) new BouncyCastleProvider()));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream open = cMSSignedDataStreamGenerator.open(byteArrayOutputStream, false);
        open.write(bArr);
        open.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    public static byte[] signP7Detach(byte[] bArr, String str, String str2, String str3) {
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        FileInputStream fileInputStream = new FileInputStream(str);
        keyStore.load(fileInputStream, str2.toCharArray());
        fileInputStream.close();
        String nextElement = keyStore.aliases().nextElement();
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(nextElement, str2.toCharArray());
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
        if (str3 != null && !str3.equals("")) {
            String verifyCertificateChain = CerVerifyUtil.verifyCertificateChain(str3, x509Certificate);
            if (!verifyCertificateChain.equals("true")) {
                Log.d("signP7Detach", verifyCertificateChain);
                return null;
            }
        }
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
        cMSSignedDataStreamGenerator.addSigner(privateKey, x509Certificate, CMSSignedDataStreamGenerator.DIGEST_SHA1, bouncyCastleProvider);
        cMSSignedDataStreamGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", (CertStoreParameters) new CollectionCertStoreParameters(Arrays.asList(keyStore.getCertificateChain(nextElement))), (Provider) new BouncyCastleProvider()));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream open = cMSSignedDataStreamGenerator.open(byteArrayOutputStream, false);
        open.write(bArr);
        open.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    public static boolean verify(String str, String str2, KeyStore keyStore) {
        return verify(str, str2, keyStore, ((X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement())).getSigAlgName());
    }

    public static boolean verify(String str, String str2, KeyStore keyStore, String str3) {
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement());
        Signature signature = Signature.getInstance(str3, (Provider) new BouncyCastleProvider());
        signature.initVerify(x509Certificate.getPublicKey());
        signature.update(str.getBytes());
        return signature.verify(Base64.decode(str2));
    }

    public static boolean verifyDetachP7(byte[] bArr, byte[] bArr2) {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        HashMap hashMap = new HashMap();
        hashMap.put(CMSSignedDataStreamGenerator.DIGEST_SHA1, MessageDigest.getInstance(CMSSignedDataStreamGenerator.DIGEST_SHA1, (Provider) bouncyCastleProvider).digest(bArr2));
        CMSSignedData cMSSignedData = new CMSSignedData(hashMap, bArr);
        CertStore certificatesAndCRLs = cMSSignedData.getCertificatesAndCRLs("Collection", bouncyCastleProvider);
        while (true) {
            boolean z = true;
            for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
                X509CertSelector x509CertSelector = new X509CertSelector();
                x509CertSelector.setSerialNumber(signerInformation.getSID().getSerialNumber());
                if (signerInformation.verify(((X509Certificate) certificatesAndCRLs.getCertificates(x509CertSelector).iterator().next()).getPublicKey(), bouncyCastleProvider)) {
                    break;
                }
                z = false;
            }
            return z;
        }
    }

    public static boolean verifyP7(String str) {
        try {
            CMSSignedData cMSSignedData = new CMSSignedData(Base64.decode(str));
            SignerInformation signerInformation = (SignerInformation) cMSSignedData.getSignerInfos().getSigners().iterator().next();
            return signerInformation.verify(CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(((X509CertificateHolder) cMSSignedData.getCertificates().getMatches(signerInformation.getSID()).iterator().next()).getEncoded())).getPublicKey(), new BouncyCastleProvider());
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public static boolean verifyP7(String str, String str2) {
        CMSSignedData cMSSignedData = new CMSSignedData(Base64.decode(str));
        if (!verifyP7(str)) {
            return false;
        }
        MessageDigest.getInstance("SHA1", (Provider) new BouncyCastleProvider()).update(str2.getBytes());
        byte[] bytes = str2.getBytes();
        byte[] bArr = (byte[]) cMSSignedData.getSignedContent().getContent();
        System.out.println("签名值：" + new String(bArr));
        System.out.println("验签值：" + new String(bytes));
        if (bArr.length != bytes.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bytes[i] != bArr[i]) {
                return false;
            }
        }
        return true;
    }

    public static boolean verifyP7(String str, byte[] bArr) {
        CMSSignedData cMSSignedData = new CMSSignedData(Base64.decode(str));
        if (!verifyP7(str)) {
            return false;
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1", (Provider) new BouncyCastleProvider());
        messageDigest.update(bArr);
        byte[] digest = messageDigest.digest();
        byte[] bArr2 = (byte[]) cMSSignedData.getSignedContent().getContent();
        if (bArr2.length != digest.length) {
            return false;
        }
        for (int i = 0; i < bArr2.length; i++) {
            if (digest[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    public static boolean verifyP7ByCert(String str, String str2, X509Certificate x509Certificate) {
        CMSSignedData cMSSignedData = new CMSSignedData(Base64.decode(str));
        if (!verifyP7ByCert(str, x509Certificate)) {
            return false;
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1", (Provider) new BouncyCastleProvider());
        messageDigest.update(str2.getBytes());
        byte[] digest = messageDigest.digest();
        byte[] bArr = (byte[]) cMSSignedData.getSignedContent().getContent();
        if (bArr.length != digest.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (digest[i] != bArr[i]) {
                return false;
            }
        }
        return true;
    }

    public static boolean verifyP7ByCert(String str, X509Certificate x509Certificate) {
        try {
            return ((SignerInformation) new CMSSignedData(Base64.decode(str)).getSignerInfos().getSigners().iterator().next()).verify(x509Certificate.getPublicKey(), new BouncyCastleProvider());
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public static boolean verifyP7ByCert(String str, byte[] bArr, X509Certificate x509Certificate) {
        CMSSignedData cMSSignedData = new CMSSignedData(Base64.decode(str));
        if (!verifyP7ByCert(str, x509Certificate)) {
            return false;
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1", (Provider) new BouncyCastleProvider());
        messageDigest.update(bArr);
        byte[] digest = messageDigest.digest();
        byte[] bArr2 = (byte[]) cMSSignedData.getSignedContent().getContent();
        if (bArr2.length != digest.length) {
            return false;
        }
        for (int i = 0; i < bArr2.length; i++) {
            if (digest[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    public static boolean verifyP7ByCertBase64(String str, String str2) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str2));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        return verifyP7ByCert(str, x509Certificate);
    }

    public static boolean verifyP7ByCertBase64(String str, String str2, String str3) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str3));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        return verifyP7ByCert(str, str2, x509Certificate);
    }

    public static boolean verifyP7ByCertBase64(String str, byte[] bArr, String str2) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str2));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        return verifyP7ByCert(str, bArr, x509Certificate);
    }

    public static boolean verifyP7ByCertPath(String str, String str2) {
        FileInputStream fileInputStream = new FileInputStream(str2);
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
        fileInputStream.close();
        return verifyP7ByCert(str, x509Certificate);
    }

    public static boolean verifyP7ByCertPath(String str, String str2, String str3) {
        FileInputStream fileInputStream = new FileInputStream(str3);
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
        fileInputStream.close();
        return verifyP7ByCert(str, str2, x509Certificate);
    }

    public static boolean verifyP7ByCertPath(String str, byte[] bArr, String str2) {
        FileInputStream fileInputStream = new FileInputStream(str2);
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
        fileInputStream.close();
        return verifyP7ByCert(str, bArr, x509Certificate);
    }

    public static boolean verifyP7ByKeyStore(String str, String str2, KeyStore keyStore) {
        return verifyP7ByCert(str, str2, (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement()));
    }

    public static boolean verifyP7ByKeyStore(String str, KeyStore keyStore) {
        return verifyP7ByCert(str, (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement()));
    }

    public static boolean verifyP7ByKeyStore(String str, byte[] bArr, KeyStore keyStore) {
        return verifyP7ByCert(str, bArr, (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement()));
    }
}
