package com.lsy.baselib.crypto.util;

import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.sm2.SM2PrivateKey;
import cfca.sadk.lib.crypto.bcsoft.BCSoftLib;
import cfca.sadk.x509.certificate.X509Cert;
import com.lsy.baselib.crypto.algorithm.SM2;
import com.lsy.baselib.crypto.exception.CipherUtilException;
import com.lsy.baselib.crypto.processor.CSMPCryptoProcessor;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.Random;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.PKCS10CertificationRequest;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.ocsp.BasicOCSPRespGenerator;
import org.bouncycastle.ocsp.CertificateID;
import org.bouncycastle.ocsp.CertificateStatus;
import org.bouncycastle.ocsp.OCSPReq;
import org.bouncycastle.ocsp.OCSPReqGenerator;
import org.bouncycastle.ocsp.OCSPResp;
import org.bouncycastle.ocsp.OCSPRespGenerator;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;

/* loaded from: classes.dex */
public class CryptUtil {
    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public static boolean checkValidity(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        try {
            x509Certificate.checkValidity(new Date());
            x509Certificate.verify(x509Certificate2.getPublicKey());
            return true;
        } catch (CertificateExpiredException unused) {
            System.out.println("Expired");
            return false;
        } catch (CertificateNotYetValidException unused2) {
            System.out.println("Too early");
            return false;
        } catch (Exception unused3) {
            System.out.println("not valid");
            return false;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:43:0x00b2, code lost:
    
        if (r8 != null) goto L63;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x00b5, code lost:
    
        throw r6;
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x00ae, code lost:
    
        r8.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x00ac, code lost:
    
        if (r8 != null) goto L63;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void decrypt(java.lang.String r6, java.lang.String r7, java.security.PrivateKey r8, java.lang.String r9) throws java.lang.Exception {
        /*
            if (r6 == 0) goto Lb6
            java.lang.String r0 = ""
            boolean r1 = r6.equals(r0)
            if (r1 != 0) goto Lb6
            if (r7 == 0) goto Lb6
            boolean r0 = r7.equals(r0)
            if (r0 == 0) goto L14
            goto Lb6
        L14:
            r0 = 0
            boolean r1 = r6.equals(r7)
            if (r1 == 0) goto L1e
            r0 = 1
            java.lang.String r7 = "~.tmp"
        L1e:
            r1 = 0
            java.lang.String r2 = "RSA/ECB/PKCS1Padding"
            javax.crypto.Cipher r2 = javax.crypto.Cipher.getInstance(r2, r9)     // Catch: java.lang.Throwable -> L9d
            r3 = 2
            r2.init(r3, r8)     // Catch: java.lang.Throwable -> L9d
            java.io.DataInputStream r8 = new java.io.DataInputStream     // Catch: java.lang.Throwable -> L9d
            java.io.FileInputStream r4 = new java.io.FileInputStream     // Catch: java.lang.Throwable -> L9d
            r4.<init>(r6)     // Catch: java.lang.Throwable -> L9d
            r8.<init>(r4)     // Catch: java.lang.Throwable -> L9d
            int r4 = r8.readInt()     // Catch: java.lang.Throwable -> L9d
            byte[] r4 = new byte[r4]     // Catch: java.lang.Throwable -> L9d
            r8.readFully(r4)     // Catch: java.lang.Throwable -> L9d
            byte[] r2 = r2.doFinal(r4)     // Catch: java.lang.Throwable -> L9d
            javax.crypto.spec.SecretKeySpec r4 = new javax.crypto.spec.SecretKeySpec     // Catch: java.lang.Throwable -> L9d
            java.lang.String r5 = "Rijndael"
            r4.<init>(r2, r5)     // Catch: java.lang.Throwable -> L9d
            r2 = 16
            byte[] r2 = new byte[r2]     // Catch: java.lang.Throwable -> L9d
            r8.read(r2)     // Catch: java.lang.Throwable -> L9d
            javax.crypto.spec.IvParameterSpec r5 = new javax.crypto.spec.IvParameterSpec     // Catch: java.lang.Throwable -> L9d
            r5.<init>(r2)     // Catch: java.lang.Throwable -> L9d
            java.lang.String r2 = "Rijndael/CBC/PKCS5Padding"
            javax.crypto.Cipher r9 = javax.crypto.Cipher.getInstance(r2, r9)     // Catch: java.lang.Throwable -> L9d
            r9.init(r3, r4, r5)     // Catch: java.lang.Throwable -> L9d
            javax.crypto.CipherInputStream r2 = new javax.crypto.CipherInputStream     // Catch: java.lang.Throwable -> L9d
            r2.<init>(r8, r9)     // Catch: java.lang.Throwable -> L9d
            java.io.FileOutputStream r8 = new java.io.FileOutputStream     // Catch: java.lang.Throwable -> L99
            r8.<init>(r7)     // Catch: java.lang.Throwable -> L99
        L66:
            int r9 = r2.read()     // Catch: java.lang.Throwable -> L97
            r1 = -1
            if (r9 != r1) goto L93
            r2.close()     // Catch: java.lang.Exception -> L70 java.lang.Throwable -> L76
        L70:
            r8.close()     // Catch: java.lang.Exception -> L74
            goto L7b
        L74:
            goto L7b
        L76:
            r6 = move-exception
            r8.close()     // Catch: java.lang.Exception -> L7a
        L7a:
            throw r6
        L7b:
            if (r0 == 0) goto L92
            java.io.File r8 = new java.io.File
            r8.<init>(r6)
            r8.delete()
            java.io.File r8 = new java.io.File
            r8.<init>(r7)
            java.io.File r7 = new java.io.File
            r7.<init>(r6)
            r8.renameTo(r7)
        L92:
            return
        L93:
            r8.write(r9)     // Catch: java.lang.Throwable -> L97
            goto L66
        L97:
            r6 = move-exception
            goto L9b
        L99:
            r6 = move-exception
            r8 = r1
        L9b:
            r1 = r2
            goto L9f
        L9d:
            r6 = move-exception
            r8 = r1
        L9f:
            if (r1 == 0) goto Lb2
            r1.close()     // Catch: java.lang.Throwable -> La5 java.lang.Exception -> Lac
            goto Lb2
        La5:
            r6 = move-exception
            if (r8 == 0) goto Lab
            r8.close()     // Catch: java.lang.Exception -> Lab
        Lab:
            throw r6
        Lac:
            if (r8 == 0) goto Lb5
        Lae:
            r8.close()     // Catch: java.lang.Exception -> Lb5
            goto Lb5
        Lb2:
            if (r8 == 0) goto Lb5
            goto Lae
        Lb5:
            throw r6
        Lb6:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lsy.baselib.crypto.util.CryptUtil.decrypt(java.lang.String, java.lang.String, java.security.PrivateKey, java.lang.String):void");
    }

    public static byte[] decrypt(byte[] bArr, PrivateKey privateKey, String str) throws Exception {
        CipherInputStream cipherInputStream = null;
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", str);
            cipher.init(2, privateKey);
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
            byte[] bArr2 = new byte[dataInputStream.readInt()];
            dataInputStream.readFully(bArr2);
            SecretKeySpec secretKeySpec = new SecretKeySpec(cipher.doFinal(bArr2), "Rijndael");
            byte[] bArr3 = new byte[16];
            dataInputStream.read(bArr3);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3);
            Cipher cipher2 = Cipher.getInstance("Rijndael/CBC/PKCS5Padding", str);
            cipher2.init(2, secretKeySpec, ivParameterSpec);
            CipherInputStream cipherInputStream2 = new CipherInputStream(dataInputStream, cipher2);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                while (true) {
                    int read = cipherInputStream2.read();
                    if (read == -1) {
                        try {
                            break;
                        } catch (Exception unused) {
                        }
                    } else {
                        byteArrayOutputStream.write(read);
                    }
                }
                cipherInputStream2.close();
                return byteArrayOutputStream.toByteArray();
            } catch (Throwable th) {
                th = th;
                cipherInputStream = cipherInputStream2;
                if (cipherInputStream != null) {
                    try {
                        cipherInputStream.close();
                    } catch (Exception unused2) {
                    }
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static PrivateKey decryptPrivateKey(InputStream inputStream, char[] cArr) throws CipherUtilException {
        try {
            try {
                byte[] bArr = new byte[8];
                int available = inputStream.available();
                inputStream.read(bArr, 0, 1);
                int i = bArr[0];
                byte[] bArr2 = new byte[i];
                inputStream.read(bArr2, 0, i);
                inputStream.read(bArr, 0, 8);
                int i2 = ((available - 8) - 1) - i;
                byte[] bArr3 = new byte[i2];
                inputStream.read(bArr3, 0, i2);
                String str = cArr.length < 8 ? "PBEWithSHAAndTwofish-CBC" : "PBEWithMD5AndDES";
                SecretKey generateSecret = SecretKeyFactory.getInstance(str).generateSecret(new PBEKeySpec(cArr));
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, 1000);
                Cipher cipher = Cipher.getInstance(str);
                cipher.init(2, generateSecret, pBEParameterSpec);
                PrivateKey generatePrivateKey = generatePrivateKey(cipher.doFinal(bArr3), new String(bArr2));
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Exception unused) {
                    }
                }
                return generatePrivateKey;
            } catch (Exception e) {
                throw new CipherUtilException("使用基于口令的加密方法解密私钥失败", e);
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Exception unused2) {
                }
            }
            throw th;
        }
    }

    public static PrivateKey decryptPrivateKey(byte[] bArr, char[] cArr) throws CipherUtilException {
        return decryptPrivateKey(new ByteArrayInputStream(bArr), cArr);
    }

    public static byte[] digest(byte[] bArr, String str) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance(str, "BC");
        messageDigest.update(bArr);
        return messageDigest.digest();
    }

    public static byte[] digest(byte[] bArr, String str, String str2) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance(str, str2);
        messageDigest.update(bArr);
        return messageDigest.digest();
    }

    /* JADX WARN: Code restructure failed: missing block: B:43:0x00c3, code lost:
    
        if (r8 != null) goto L60;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x00c6, code lost:
    
        throw r6;
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x00bf, code lost:
    
        r8.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x00bd, code lost:
    
        if (r8 != null) goto L60;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void encrypt(java.lang.String r6, java.lang.String r7, java.security.PublicKey r8, java.lang.String r9) throws java.lang.Exception {
        /*
            if (r6 == 0) goto Lc7
            java.lang.String r0 = ""
            boolean r1 = r6.equals(r0)
            if (r1 != 0) goto Lc7
            if (r7 == 0) goto Lc7
            boolean r0 = r7.equals(r0)
            if (r0 == 0) goto L14
            goto Lc7
        L14:
            r0 = 0
            boolean r1 = r6.equals(r7)
            r2 = 1
            if (r1 == 0) goto L1f
            java.lang.String r7 = "~.tmp"
            r0 = 1
        L1f:
            r1 = 0
            java.io.DataOutputStream r3 = new java.io.DataOutputStream     // Catch: java.lang.Throwable -> Lae
            java.io.FileOutputStream r4 = new java.io.FileOutputStream     // Catch: java.lang.Throwable -> Lae
            r4.<init>(r7)     // Catch: java.lang.Throwable -> Lae
            r3.<init>(r4)     // Catch: java.lang.Throwable -> Lae
            java.lang.String r4 = "RSA/ECB/PKCS1Padding"
            javax.crypto.Cipher r4 = javax.crypto.Cipher.getInstance(r4, r9)     // Catch: java.lang.Throwable -> Lae
            r4.init(r2, r8)     // Catch: java.lang.Throwable -> Lae
            java.lang.String r8 = "Rijndael"
            javax.crypto.KeyGenerator r8 = javax.crypto.KeyGenerator.getInstance(r8, r9)     // Catch: java.lang.Throwable -> Lae
            r5 = 128(0x80, float:1.8E-43)
            r8.init(r5)     // Catch: java.lang.Throwable -> Lae
            javax.crypto.SecretKey r8 = r8.generateKey()     // Catch: java.lang.Throwable -> Lae
            byte[] r5 = r8.getEncoded()     // Catch: java.lang.Throwable -> Lae
            byte[] r4 = r4.doFinal(r5)     // Catch: java.lang.Throwable -> Lae
            int r5 = r4.length     // Catch: java.lang.Throwable -> Lae
            r3.writeInt(r5)     // Catch: java.lang.Throwable -> Lae
            r3.write(r4)     // Catch: java.lang.Throwable -> Lae
            java.security.SecureRandom r4 = new java.security.SecureRandom     // Catch: java.lang.Throwable -> Lae
            r4.<init>()     // Catch: java.lang.Throwable -> Lae
            r5 = 16
            byte[] r5 = new byte[r5]     // Catch: java.lang.Throwable -> Lae
            r4.nextBytes(r5)     // Catch: java.lang.Throwable -> Lae
            r3.write(r5)     // Catch: java.lang.Throwable -> Lae
            javax.crypto.spec.IvParameterSpec r4 = new javax.crypto.spec.IvParameterSpec     // Catch: java.lang.Throwable -> Lae
            r4.<init>(r5)     // Catch: java.lang.Throwable -> Lae
            java.lang.String r5 = "Rijndael/CBC/PKCS5Padding"
            javax.crypto.Cipher r9 = javax.crypto.Cipher.getInstance(r5, r9)     // Catch: java.lang.Throwable -> Lae
            r9.init(r2, r8, r4)     // Catch: java.lang.Throwable -> Lae
            javax.crypto.CipherOutputStream r8 = new javax.crypto.CipherOutputStream     // Catch: java.lang.Throwable -> Lae
            r8.<init>(r3, r9)     // Catch: java.lang.Throwable -> Lae
            java.io.FileInputStream r9 = new java.io.FileInputStream     // Catch: java.lang.Throwable -> Lac
            r9.<init>(r6)     // Catch: java.lang.Throwable -> Lac
        L78:
            int r1 = r9.read()     // Catch: java.lang.Throwable -> La9
            r2 = -1
            if (r1 != r2) goto La5
            r9.close()     // Catch: java.lang.Exception -> L82 java.lang.Throwable -> L88
        L82:
            r8.close()     // Catch: java.lang.Exception -> L86
            goto L8d
        L86:
            goto L8d
        L88:
            r6 = move-exception
            r8.close()     // Catch: java.lang.Exception -> L8c
        L8c:
            throw r6
        L8d:
            if (r0 == 0) goto La4
            java.io.File r8 = new java.io.File
            r8.<init>(r6)
            r8.delete()
            java.io.File r8 = new java.io.File
            r8.<init>(r7)
            java.io.File r7 = new java.io.File
            r7.<init>(r6)
            r8.renameTo(r7)
        La4:
            return
        La5:
            r8.write(r1)     // Catch: java.lang.Throwable -> La9
            goto L78
        La9:
            r6 = move-exception
            r1 = r9
            goto Lb0
        Lac:
            r6 = move-exception
            goto Lb0
        Lae:
            r6 = move-exception
            r8 = r1
        Lb0:
            if (r1 == 0) goto Lc3
            r1.close()     // Catch: java.lang.Throwable -> Lb6 java.lang.Exception -> Lbd
            goto Lc3
        Lb6:
            r6 = move-exception
            if (r8 == 0) goto Lbc
            r8.close()     // Catch: java.lang.Exception -> Lbc
        Lbc:
            throw r6
        Lbd:
            if (r8 == 0) goto Lc6
        Lbf:
            r8.close()     // Catch: java.lang.Exception -> Lc6
            goto Lc6
        Lc3:
            if (r8 == 0) goto Lc6
            goto Lbf
        Lc6:
            throw r6
        Lc7:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lsy.baselib.crypto.util.CryptUtil.encrypt(java.lang.String, java.lang.String, java.security.PublicKey, java.lang.String):void");
    }

    public static byte[] encrypt(byte[] bArr, PublicKey publicKey, String str) throws Exception {
        CipherOutputStream cipherOutputStream = null;
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", str);
            cipher.init(1, publicKey);
            KeyGenerator keyGenerator = KeyGenerator.getInstance("Rijndael", str);
            keyGenerator.init(128);
            SecretKey generateKey = keyGenerator.generateKey();
            byte[] doFinal = cipher.doFinal(generateKey.getEncoded());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            dataOutputStream.writeInt(doFinal.length);
            dataOutputStream.write(doFinal);
            byte[] bArr2 = new byte[16];
            new SecureRandom().nextBytes(bArr2);
            dataOutputStream.write(bArr2);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
            Cipher cipher2 = Cipher.getInstance("Rijndael/CBC/PKCS5Padding", str);
            cipher2.init(1, generateKey, ivParameterSpec);
            CipherOutputStream cipherOutputStream2 = new CipherOutputStream(dataOutputStream, cipher2);
            try {
                cipherOutputStream2.write(bArr);
                try {
                    cipherOutputStream2.close();
                } catch (Exception unused) {
                }
                return byteArrayOutputStream.toByteArray();
            } catch (Throwable th) {
                th = th;
                cipherOutputStream = cipherOutputStream2;
                if (cipherOutputStream != null) {
                    try {
                        cipherOutputStream.close();
                    } catch (Exception unused2) {
                    }
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static byte[] encryptPrivateKey(PrivateKey privateKey, char[] cArr) throws CipherUtilException {
        byte[] bArr;
        byte[] doFinal;
        ByteArrayOutputStream byteArrayOutputStream;
        ByteArrayOutputStream byteArrayOutputStream2 = null;
        if (privateKey == null || cArr == null) {
            throw new CipherUtilException("encryptPrivateKey parameter is null");
        }
        try {
            try {
                bArr = new byte[8];
                new Random().nextBytes(bArr);
                String str = cArr.length < 8 ? "PBEWithSHAAndTwofish-CBC" : "PBEWithMD5AndDES";
                SecretKey generateSecret = SecretKeyFactory.getInstance(str).generateSecret(new PBEKeySpec(cArr));
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, 1000);
                Cipher cipher = Cipher.getInstance(str);
                cipher.init(1, generateSecret, pBEParameterSpec);
                doFinal = cipher.doFinal("SM2".equalsIgnoreCase(privateKey.getAlgorithm()) ? ((SM2PrivateKey) privateKey).getDByBytesWithPublicKey() : privateKey.getEncoded());
                byteArrayOutputStream = new ByteArrayOutputStream();
            } catch (Exception e) {
                e = e;
            }
        } catch (Throwable th) {
            th = th;
        }
        try {
            byte[] bytes = privateKey.getAlgorithm().getBytes();
            byteArrayOutputStream.write((byte) bytes.length);
            byteArrayOutputStream.write(bytes);
            byteArrayOutputStream.write(bArr);
            byteArrayOutputStream.write(doFinal);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            try {
                byteArrayOutputStream.close();
            } catch (Exception unused) {
            }
            return byteArray;
        } catch (Exception e2) {
            e = e2;
            byteArrayOutputStream2 = byteArrayOutputStream;
            throw new CipherUtilException("口令加密私钥失败", e);
        } catch (Throwable th2) {
            th = th2;
            byteArrayOutputStream2 = byteArrayOutputStream;
            if (byteArrayOutputStream2 != null) {
                try {
                    byteArrayOutputStream2.close();
                } catch (Exception unused2) {
                }
            }
            throw th;
        }
    }

    public static KeyStore generateJKS(byte[] bArr, char[] cArr, String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new ByteArrayInputStream(bArr), cArr);
        return keyStore;
    }

    public static byte[] generateJKS(Certificate[] certificateArr, PrivateKey privateKey, String str, char[] cArr, char[] cArr2, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        if (privateKey == null) {
            keyStore.setCertificateEntry(str, certificateArr[0]);
        } else {
            for (int i = 0; i < certificateArr.length; i++) {
                System.out.println("chain[" + i + "] [" + ((X509Certificate) certificateArr[i]).getSubjectDN().getName() + "]");
            }
            keyStore.setKeyEntry(str, privateKey, cArr, certificateArr);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, cArr2);
        return byteArrayOutputStream.toByteArray();
    }

    public static SecretKey generateKey(String str, String str2, String str3) {
        Key key;
        try {
            if (CSMPCryptoProcessor.ALG_SM4.equalsIgnoreCase(str)) {
                key = new BCSoftLib().generateKey(new Mechanism(CSMPCryptoProcessor.ALG_SM4));
            } else {
                KeyGenerator keyGenerator = str3 != null ? KeyGenerator.getInstance(str, str3) : KeyGenerator.getInstance(str);
                keyGenerator.init(Integer.valueOf(str2).intValue());
                key = keyGenerator.generateKey();
            }
        } catch (Exception e) {
            e.printStackTrace();
            key = null;
        }
        return (SecretKey) key;
    }

    public static KeyPair generateKeyPair(String str, String str2, String str3) {
        try {
            if ("SM2".equalsIgnoreCase(str)) {
                return SM2.generateKeyPair();
            }
            KeyPairGenerator keyPairGenerator = str3 != null ? KeyPairGenerator.getInstance(str, str3) : KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(Integer.valueOf(str2).intValue());
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static OCSPReq generateOCSPRequest(X509Certificate x509Certificate, X509Certificate x509Certificate2, X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str, boolean z, String str2) throws Exception {
        OCSPReqGenerator oCSPReqGenerator = new OCSPReqGenerator();
        oCSPReqGenerator.addRequest(new CertificateID("1.3.14.3.2.26", x509Certificate2, x509Certificate.getSerialNumber()));
        if (str != null) {
            oCSPReqGenerator.setRequestorName(new GeneralName(4, new X509Principal(str)));
        }
        if (z) {
            Vector vector = new Vector();
            Vector vector2 = new Vector();
            vector.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
            vector2.addElement(new X509Extension(false, new DEROctetString(new byte[16])));
            oCSPReqGenerator.setRequestExtensions(new X509Extensions(vector, vector2));
        }
        return privateKey != null ? oCSPReqGenerator.generate(x509CertificateArr[0].getSigAlgName(), privateKey, x509CertificateArr, str2) : oCSPReqGenerator.generate();
    }

    public static OCSPReq generateOCSPRequest(byte[] bArr) throws Exception {
        return new OCSPReq(bArr);
    }

    public static OCSPResp generateOCSPResponse(int i, CertificateID certificateID, CertificateStatus certificateStatus, X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str) throws Exception {
        BasicOCSPRespGenerator basicOCSPRespGenerator = new BasicOCSPRespGenerator(x509CertificateArr[0].getPublicKey());
        basicOCSPRespGenerator.addResponse(certificateID, (CertificateStatus) null);
        return new OCSPRespGenerator().generate(i, basicOCSPRespGenerator.generate(x509CertificateArr[0].getSigAlgName(), privateKey, x509CertificateArr, new Date(System.currentTimeMillis()), str));
    }

    public static OCSPResp generateOCSPResponse(byte[] bArr) throws Exception {
        return new OCSPResp(bArr);
    }

    public static PKCS10CertificationRequest generatePKCS10CertificateRequest(KeyPair keyPair, String str, String str2, String str3) throws Exception {
        return str3 != null ? new PKCS10CertificationRequest(str2, new X509Name(str), keyPair.getPublic(), (ASN1Set) null, keyPair.getPrivate(), str3) : new PKCS10CertificationRequest(str2, new X509Name(str), keyPair.getPublic(), (ASN1Set) null, keyPair.getPrivate());
    }

    public static PKCS10CertificationRequest generatePKCS10CertificateRequest(byte[] bArr) throws Exception {
        return new PKCS10CertificationRequest(bArr);
    }

    public static KeyStore generatePKCS12(byte[] bArr, char[] cArr, String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12", str2);
        keyStore.load(new ByteArrayInputStream(bArr), cArr);
        return keyStore;
    }

    public static byte[] generatePKCS12(Certificate[] certificateArr, PrivateKey privateKey, String str, char[] cArr, char[] cArr2, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12", str2);
        keyStore.load(null, null);
        if (privateKey == null) {
            keyStore.setCertificateEntry(str, certificateArr[0]);
        } else {
            keyStore.setKeyEntry(str, privateKey, cArr, certificateArr);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, cArr2);
        return byteArrayOutputStream.toByteArray();
    }

    /* JADX WARN: Code restructure failed: missing block: B:21:0x0029, code lost:
    
        if (r1 == null) goto L22;
     */
    /* JADX WARN: Removed duplicated region for block: B:28:0x0031 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.PrivateKey generatePrivateKey(java.io.InputStream r4, java.lang.String r5) throws java.lang.Exception {
        /*
            r0 = 0
            java.io.ByteArrayOutputStream r1 = new java.io.ByteArrayOutputStream     // Catch: java.lang.Throwable -> L22 java.lang.Exception -> L24
            r1.<init>()     // Catch: java.lang.Throwable -> L22 java.lang.Exception -> L24
            r2 = 2048(0x800, float:2.87E-42)
            byte[] r2 = new byte[r2]     // Catch: java.lang.Exception -> L20 java.lang.Throwable -> L2d
        La:
            int r3 = r4.read(r2)     // Catch: java.lang.Exception -> L20 java.lang.Throwable -> L2d
            if (r3 > 0) goto L1c
            byte[] r4 = r1.toByteArray()     // Catch: java.lang.Exception -> L20 java.lang.Throwable -> L2d
            java.security.PrivateKey r0 = generatePrivateKey(r4, r5)     // Catch: java.lang.Exception -> L20 java.lang.Throwable -> L2d
        L18:
            r1.close()     // Catch: java.lang.Exception -> L2c
            goto L2c
        L1c:
            r1.write(r2)     // Catch: java.lang.Exception -> L20 java.lang.Throwable -> L2d
            goto La
        L20:
            r4 = move-exception
            goto L26
        L22:
            r4 = move-exception
            goto L2f
        L24:
            r4 = move-exception
            r1 = r0
        L26:
            r4.printStackTrace()     // Catch: java.lang.Throwable -> L2d
            if (r1 == 0) goto L2c
            goto L18
        L2c:
            return r0
        L2d:
            r4 = move-exception
            r0 = r1
        L2f:
            if (r0 == 0) goto L34
            r0.close()     // Catch: java.lang.Exception -> L34
        L34:
            goto L36
        L35:
            throw r4
        L36:
            goto L35
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lsy.baselib.crypto.util.CryptUtil.generatePrivateKey(java.io.InputStream, java.lang.String):java.security.PrivateKey");
    }

    public static PrivateKey generatePrivateKey(byte[] bArr, String str) throws Exception {
        if ("RSA".equalsIgnoreCase(str)) {
            return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        }
        if ("SM2".equalsIgnoreCase(str)) {
            return SM2.generatePrivateKey(bArr);
        }
        return null;
    }

    public static PublicKey generatePublicKey(byte[] bArr, String str) throws Exception {
        return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(bArr));
    }

    public static X509Certificate generateSelfSignedCertificate(KeyPair keyPair, String str, byte[] bArr, String str2, String str3, String str4) throws Exception {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.reset();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(bArr));
        StringBuffer stringBuffer = new StringBuffer();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        if (stringTokenizer.hasMoreElements()) {
            stringBuffer.append(stringTokenizer.nextElement());
        }
        while (stringTokenizer.hasMoreElements()) {
            stringBuffer.insert(0, ",");
            stringBuffer.insert(0, stringTokenizer.nextElement());
        }
        x509V3CertificateGenerator.setIssuerDN(new X509Name(stringBuffer.toString()));
        x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis()));
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + (Integer.valueOf(str3).intValue() * 86400000)));
        x509V3CertificateGenerator.setSubjectDN(new X509Name(stringBuffer.toString()));
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V3CertificateGenerator.setSignatureAlgorithm(str2);
        x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(keyPair.getPublic()));
        x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(keyPair.getPublic()));
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(true));
        X509Certificate generate = str4 != null ? x509V3CertificateGenerator.generate(keyPair.getPrivate(), str4, new SecureRandom()) : x509V3CertificateGenerator.generate(keyPair.getPrivate(), new SecureRandom());
        generate.checkValidity(new Date());
        generate.verify(keyPair.getPublic());
        ((PKCS12BagAttributeCarrier) generate).setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("CITIC"));
        return generateX509Certificate(generate.getEncoded());
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x002c A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.X509CRL generateX509CRL(byte[] r3) throws java.security.cert.CRLException {
        /*
            r0 = 0
            if (r3 == 0) goto L30
            java.lang.String r1 = "X.509"
            java.security.cert.CertificateFactory r1 = java.security.cert.CertificateFactory.getInstance(r1)     // Catch: java.lang.Throwable -> L1b java.lang.Exception -> L1d
            java.io.ByteArrayInputStream r2 = new java.io.ByteArrayInputStream     // Catch: java.lang.Throwable -> L1b java.lang.Exception -> L1d
            r2.<init>(r3)     // Catch: java.lang.Throwable -> L1b java.lang.Exception -> L1d
            java.security.cert.CRL r3 = r1.generateCRL(r2)     // Catch: java.lang.Exception -> L19 java.lang.Throwable -> L28
            java.security.cert.X509CRL r3 = (java.security.cert.X509CRL) r3     // Catch: java.lang.Exception -> L19 java.lang.Throwable -> L28
            r2.close()     // Catch: java.lang.Exception -> L17
        L17:
            r0 = r3
            goto L30
        L19:
            r3 = move-exception
            goto L1f
        L1b:
            r3 = move-exception
            goto L2a
        L1d:
            r3 = move-exception
            r2 = r0
        L1f:
            r3.printStackTrace()     // Catch: java.lang.Throwable -> L28
            if (r2 == 0) goto L30
            r2.close()     // Catch: java.lang.Exception -> L30
            goto L30
        L28:
            r3 = move-exception
            r0 = r2
        L2a:
            if (r0 == 0) goto L2f
            r0.close()     // Catch: java.lang.Exception -> L2f
        L2f:
            throw r3
        L30:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lsy.baselib.crypto.util.CryptUtil.generateX509CRL(byte[]):java.security.cert.X509CRL");
    }

    /* JADX WARN: Code restructure failed: missing block: B:22:0x002b, code lost:
    
        if (r1 == null) goto L23;
     */
    /* JADX WARN: Removed duplicated region for block: B:28:0x0033 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.X509Certificate generateX509Certificate(java.io.InputStream r4) throws java.lang.Exception {
        /*
            if (r4 == 0) goto L37
            r0 = 0
            java.io.ByteArrayOutputStream r1 = new java.io.ByteArrayOutputStream     // Catch: java.lang.Throwable -> L24 java.lang.Exception -> L26
            r1.<init>()     // Catch: java.lang.Throwable -> L24 java.lang.Exception -> L26
            r2 = 4096(0x1000, float:5.74E-42)
            byte[] r2 = new byte[r2]     // Catch: java.lang.Exception -> L22 java.lang.Throwable -> L2f
        Lc:
            int r3 = r4.read(r2)     // Catch: java.lang.Exception -> L22 java.lang.Throwable -> L2f
            if (r3 > 0) goto L1e
            byte[] r4 = r1.toByteArray()     // Catch: java.lang.Exception -> L22 java.lang.Throwable -> L2f
            java.security.cert.X509Certificate r0 = generateX509Certificate(r4)     // Catch: java.lang.Exception -> L22 java.lang.Throwable -> L2f
        L1a:
            r1.close()     // Catch: java.lang.Exception -> L2e
            goto L2e
        L1e:
            r1.write(r2)     // Catch: java.lang.Exception -> L22 java.lang.Throwable -> L2f
            goto Lc
        L22:
            r4 = move-exception
            goto L28
        L24:
            r4 = move-exception
            goto L31
        L26:
            r4 = move-exception
            r1 = r0
        L28:
            r4.printStackTrace()     // Catch: java.lang.Throwable -> L2f
            if (r1 == 0) goto L2e
            goto L1a
        L2e:
            return r0
        L2f:
            r4 = move-exception
            r0 = r1
        L31:
            if (r0 == 0) goto L36
            r0.close()     // Catch: java.lang.Exception -> L36
        L36:
            throw r4
        L37:
            java.lang.Exception r4 = new java.lang.Exception
            java.lang.String r0 = "generateX509Certificate parameter isX509Crt is null"
            r4.<init>(r0)
            goto L40
        L3f:
            throw r4
        L40:
            goto L3f
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lsy.baselib.crypto.util.CryptUtil.generateX509Certificate(java.io.InputStream):java.security.cert.X509Certificate");
    }

    public static X509Certificate generateX509Certificate(String str, PKCS10CertificationRequest pKCS10CertificationRequest, X509Certificate x509Certificate, PrivateKey privateKey, String str2, int i, String str3) throws Exception {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.reset();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str2));
        StringBuffer stringBuffer = new StringBuffer();
        StringTokenizer stringTokenizer = new StringTokenizer(x509Certificate.getSubjectDN().getName().toString(), ",");
        if (stringTokenizer.hasMoreElements()) {
            stringBuffer.append(stringTokenizer.nextElement());
        }
        while (stringTokenizer.hasMoreElements()) {
            stringBuffer.insert(0, ",");
            stringBuffer.insert(0, stringTokenizer.nextElement());
        }
        x509V3CertificateGenerator.setIssuerDN(new X509Name(stringBuffer.toString()));
        x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis()));
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + (i * 86400000)));
        if (str == null) {
            x509V3CertificateGenerator.setSubjectDN(pKCS10CertificationRequest.getCertificationRequestInfo().getSubject());
        } else {
            StringBuffer stringBuffer2 = new StringBuffer();
            StringTokenizer stringTokenizer2 = new StringTokenizer(str, ",");
            if (stringTokenizer2.hasMoreElements()) {
                stringBuffer2.append(stringTokenizer2.nextElement());
            }
            while (stringTokenizer2.hasMoreElements()) {
                stringBuffer2.insert(0, ",");
                stringBuffer2.insert(0, stringTokenizer2.nextElement());
            }
            x509V3CertificateGenerator.setSubjectDN(new X509Name(stringBuffer2.toString()));
        }
        x509V3CertificateGenerator.setPublicKey(pKCS10CertificationRequest.getPublicKey());
        x509V3CertificateGenerator.setSignatureAlgorithm(x509Certificate.getSigAlgName());
        x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(pKCS10CertificationRequest.getPublicKey()));
        x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(x509Certificate));
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(false));
        x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage, false, new KeyUsage(184));
        X509Certificate generate = str3 != null ? x509V3CertificateGenerator.generate(privateKey, str3, new SecureRandom()) : x509V3CertificateGenerator.generate(privateKey, new SecureRandom());
        generate.checkValidity(new Date());
        generate.verify(x509Certificate.getPublicKey());
        ((PKCS12BagAttributeCarrier) generate).setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("reserving ..."));
        return generateX509Certificate(generate.getEncoded());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v6, types: [java.security.cert.X509Certificate] */
    public static X509Certificate generateX509Certificate(byte[] bArr) throws Exception {
        com.lsy.baselib.crypto.protocol.X509Certificate x509Certificate;
        if (bArr == null) {
            throw new Exception("generateX509Certificate parameter derX509Crt is null");
        }
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            X509Cert x509Cert = new X509Cert(bArr);
            String signatureAlgName = x509Cert.getSignatureAlgName();
            if (signatureAlgName.indexOf("RSA") > 0) {
                ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(bArr);
                try {
                    x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream2);
                    byteArrayInputStream = byteArrayInputStream2;
                } catch (Throwable th) {
                    th = th;
                    byteArrayInputStream = byteArrayInputStream2;
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception unused) {
                        }
                    }
                    throw th;
                }
            } else {
                x509Certificate = signatureAlgName.indexOf("SM2") > 0 ? new com.lsy.baselib.crypto.protocol.X509Certificate(x509Cert) : null;
            }
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception unused2) {
                }
            }
            return x509Certificate;
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static byte[] getCertFromRSAPfx(byte[] bArr, char[] cArr) throws Exception {
        KeyStore loadFromStore = StoreUtil.loadFromStore(bArr, cArr, "PKCS12", "BC");
        Enumeration<String> aliases = loadFromStore.aliases();
        return loadFromStore.getCertificate(aliases.hasMoreElements() ? aliases.nextElement() : null).getEncoded();
    }

    public static byte[] sign(byte[] bArr, PrivateKey privateKey, String str, boolean z, String str2) throws Exception {
        Signature signature = Signature.getInstance(str, str2);
        signature.initSign(privateKey);
        signature.update(bArr);
        byte[] sign = signature.sign();
        if (!z) {
            return sign;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        dataOutputStream.writeInt(str.length());
        dataOutputStream.write(str.getBytes());
        dataOutputStream.writeInt(sign.length);
        dataOutputStream.write(sign);
        dataOutputStream.writeInt(bArr.length);
        dataOutputStream.write(bArr);
        dataOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    public static boolean verify(byte[] bArr, PublicKey publicKey, String str) throws Exception {
        DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
        byte[] bArr2 = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr2);
        byte[] bArr3 = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr3);
        byte[] bArr4 = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr4);
        return verify(bArr4, bArr3, publicKey, new String(bArr2), str);
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, PublicKey publicKey, String str, String str2) throws Exception {
        Signature signature = Signature.getInstance(str, str2);
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }
}
