package cn.topca.sp.svm;

import cn.topca.sp.crypto.CipherAgent;
import cn.topca.sp.jce.TopCAProvider;
import cn.topca.sp.security.pkcs.PKCS7SignedData;
import cn.topca.sp.security.pkcs.SignerInfoBuilder;
import cn.topca.sp.security.x509.AlgorithmId;
import cn.topca.sp.x509.X509Certificate;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.util.Arrays;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.CollectionStore;

/* loaded from: classes.dex */
public class SVM {
    static {
        if (Security.getProvider(TopCAProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new TopCAProvider());
        }
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public static byte[] decrypt(byte[] bArr, PrivateKey privateKey) {
        return decrypt(bArr, privateKey, null);
    }

    public static byte[] decrypt(byte[] bArr, PrivateKey privateKey, String str) {
        if (str == null) {
            str = "RSA".equalsIgnoreCase(privateKey.getAlgorithm()) ? "RSA/None/PKCS1Padding" : "SM2/None/NoPadding";
        }
        CipherAgent cipherAgent = CipherAgent.getInstance(str);
        cipherAgent.init(2, privateKey);
        cipherAgent.update(bArr);
        return cipherAgent.doFinal();
    }

    public static byte[] encrypt(byte[] bArr, X509Certificate x509Certificate) {
        return encrypt(bArr, x509Certificate.getPublicKey(), (String) null);
    }

    public static byte[] encrypt(byte[] bArr, X509Certificate x509Certificate, String str) {
        return encrypt(bArr, x509Certificate.getPublicKey(), str);
    }

    public static byte[] encrypt(byte[] bArr, PublicKey publicKey, String str) {
        if (str == null) {
            str = "RSA".equalsIgnoreCase(publicKey.getAlgorithm()) ? "RSA/None/PKCS1Padding" : "SM2/None/NoPadding";
        }
        CipherAgent cipherAgent = CipherAgent.getInstance(str);
        cipherAgent.init(1, publicKey);
        cipherAgent.update(bArr);
        return cipherAgent.doFinal();
    }

    public static String getDefaultSignAlgorithm(String str) {
        if ("RSA".equalsIgnoreCase(str)) {
            return "SHA1withRSA";
        }
        if ("SM2".equalsIgnoreCase(str)) {
            return "SM3withSM2";
        }
        if ("EC".equalsIgnoreCase(str)) {
            return "SM3WithSM2";
        }
        return null;
    }

    public static byte[] signMessageToPKCS7(byte[] bArr, PrivateKey privateKey, String str, X509Certificate x509Certificate, boolean z) {
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addCertificates(new CollectionStore(Arrays.asList(new X509CertificateHolder(x509Certificate.getEncoded()))));
        if (str == null) {
            str = getDefaultSignAlgorithm(privateKey.getAlgorithm());
        }
        String[] split = str.toUpperCase().split("WITH");
        cMSSignedDataGenerator.addSignerInfoGenerator(new SignerInfoBuilder(x509Certificate, new AlgorithmIdentifier(AlgorithmId.getAlgorithmId(split[0]).getOId()), new AlgorithmIdentifier(AlgorithmId.getAlgorithmId(split[1]).getOId()), signMessageToRawData(bArr, privateKey, str)));
        return cMSSignedDataGenerator.generate(new CMSProcessableByteArray(bArr), z).getEncoded();
    }

    public static byte[] signMessageToRawData(byte[] bArr, PrivateKey privateKey) {
        return signMessageToRawData(bArr, privateKey, null);
    }

    public static byte[] signMessageToRawData(byte[] bArr, PrivateKey privateKey, String str) {
        if (str == null) {
            str = getDefaultSignAlgorithm(privateKey.getAlgorithm());
        }
        Signature signature = Signature.getInstance(str);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public static X509Certificate verifyPKCS7SignedData(byte[] bArr, byte[] bArr2) {
        PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(bArr);
        java.security.cert.X509Certificate verify = pKCS7SignedData.verify(bArr2);
        if (bArr2 == null || pKCS7SignedData.isDetached()) {
            return X509Certificate.getInstance(verify.getEncoded());
        }
        if (Arrays.equals(bArr2, pKCS7SignedData.getContent())) {
            return X509Certificate.getInstance(verify.getEncoded());
        }
        throw new Exception("传入的签名原文与签名数据中的原文不匹配，验签失败");
    }

    public static boolean verifyRawSignedData(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate) {
        return verifyRawSignedData(bArr, bArr2, x509Certificate.getPublicKey(), (String) null);
    }

    public static boolean verifyRawSignedData(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate, String str) {
        return verifyRawSignedData(bArr, bArr2, x509Certificate.getPublicKey(), str);
    }

    public static boolean verifyRawSignedData(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        return verifyRawSignedData(bArr, bArr2, publicKey, (String) null);
    }

    public static boolean verifyRawSignedData(byte[] bArr, byte[] bArr2, PublicKey publicKey, String str) {
        if (str == null) {
            str = getDefaultSignAlgorithm(publicKey.getAlgorithm());
        }
        try {
            Signature signature = Signature.getInstance(str);
            signature.initVerify(publicKey);
            signature.update(bArr2);
            return signature.verify(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
}
