package com.wallet.sign;

import com.google.devtools.build.android.desugar.runtime.ThrowableExtension;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.StringWriter;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.openssl.jcajce.JcaPEMWriter;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.pkcs.PKCS10CertificationRequest;
import org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.spongycastle.util.encoders.Base64;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemObjectGenerator;

/* loaded from: classes.dex */
public class CSRHelper {
    private static final String CN_PATTERN = "CN=%s, OU=IT, EMAILADDRESS=service@xi-tech.com.cn, O=Xiaoxi, ST=重庆, C=CN, L=重庆";
    public static final String DEFAULT_SIGNATURE_ALGORITHM = "SHA256withECDSA";

    /* loaded from: classes.dex */
    private static class JCESigner implements ContentSigner {
        private static Map<String, AlgorithmIdentifier> ALGOS = new HashMap();
        private String mAlgo;
        private ByteArrayOutputStream outputStream;
        private Signature signature;

        static {
            ALGOS.put("SHA256withRSA".toLowerCase(), new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.1.1.11")));
            ALGOS.put("SHA1withRSA".toLowerCase(), new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")));
        }

        public JCESigner(PrivateKey privateKey, String str) {
            this.mAlgo = str.toLowerCase();
            try {
                this.outputStream = new ByteArrayOutputStream();
                this.signature = Signature.getInstance(str);
                this.signature.initSign(privateKey);
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException(e.getMessage());
            }
        }

        @Override // org.spongycastle.operator.ContentSigner
        public AlgorithmIdentifier getAlgorithmIdentifier() {
            AlgorithmIdentifier algorithmIdentifier = ALGOS.get(this.mAlgo);
            if (algorithmIdentifier == null) {
                throw new IllegalArgumentException("Does not support algo: " + this.mAlgo);
            }
            return algorithmIdentifier;
        }

        @Override // org.spongycastle.operator.ContentSigner
        public OutputStream getOutputStream() {
            return this.outputStream;
        }

        @Override // org.spongycastle.operator.ContentSigner
        public byte[] getSignature() {
            try {
                this.signature.update(this.outputStream.toByteArray());
                return this.signature.sign();
            } catch (GeneralSecurityException e) {
                ThrowableExtension.printStackTrace(e);
                return null;
            }
        }
    }

    public static String certificationRequestToPEM(PKCS10CertificationRequest pKCS10CertificationRequest) throws IOException {
        PemObject pemObject = new PemObject("CERTIFICATE REQUEST", pKCS10CertificationRequest.getEncoded());
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        jcaPEMWriter.writeObject((PemObjectGenerator) pemObject);
        jcaPEMWriter.close();
        stringWriter.close();
        return stringWriter.toString();
    }

    public static PKCS10CertificationRequest generateCSR(KeyPair keyPair, String str) throws IOException, OperatorCreationException {
        return new JcaPKCS10CertificationRequestBuilder(new X500Principal(String.format(CN_PATTERN, str)), keyPair.getPublic()).build(new JcaContentSignerBuilder(DEFAULT_SIGNATURE_ALGORITHM).build(keyPair.getPrivate()));
    }

    public static PrivateKey pemToPrivateKey(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        String replace = str.contains("-----BEGIN PRIVATE KEY-----") ? str.replace("-----BEGIN PRIVATE KEY-----\n", "").replace("-----END PRIVATE KEY-----\n", "") : str.replace("-----BEGIN EC PRIVATE KEY-----\n", "").replace("-----END EC PRIVATE KEY-----\n", "");
        new Base64();
        return KeyFactory.getInstance(str2, "AndroidOpenSSL").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(replace)));
    }

    public static String privateKeyToPEM(PrivateKey privateKey) throws IOException {
        PemObject pemObject = new PemObject("PRIVATE KEY", privateKey.getEncoded());
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        jcaPEMWriter.writeObject((PemObjectGenerator) pemObject);
        jcaPEMWriter.close();
        stringWriter.close();
        return stringWriter.toString();
    }

    public static String publicKeyToPEM(PublicKey publicKey) throws IOException {
        PemObject pemObject = new PemObject("PUBLIC KEY", publicKey.getEncoded());
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        jcaPEMWriter.writeObject((PemObjectGenerator) pemObject);
        jcaPEMWriter.close();
        stringWriter.close();
        return stringWriter.toString();
    }
}
