package com.akai.cert.util;

import java.io.FileInputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Enumeration;

/* loaded from: classes.dex */
public class SignerUtilForRSA {
    private X509Certificate cert;
    private PrivateKey priKey;

    public static void main(String[] strArr) {
        SignerUtilForRSA signerUtilForRSA = new SignerUtilForRSA();
        signerUtilForRSA.init("证书P12文件路径", "证书pin码");
        byte[] sign = signerUtilForRSA.sign("原文".getBytes());
        System.out.println(Base64.getEncoder().encodeToString(sign));
        System.out.println(verify("123456abcd".getBytes(), sign, signerUtilForRSA.cert));
    }

    private static boolean matchUsage(boolean[] zArr, int i) {
        if (i == 0 || zArr == null) {
            return true;
        }
        for (int i2 = 0; i2 < Math.min(zArr.length, 32); i2++) {
            if (((1 << i2) & i) != 0 && !zArr[i2]) {
                return false;
            }
        }
        return true;
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate) {
        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initVerify(x509Certificate);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    public void init(String str, String str2) {
        KeyStore keyStore = (str.toLowerCase().endsWith(".pfx") || str.toLowerCase().endsWith(".p12")) ? KeyStore.getInstance("PKCS12") : KeyStore.getInstance("JKS");
        FileInputStream fileInputStream = null;
        r1 = null;
        String str3 = null;
        try {
            FileInputStream fileInputStream2 = new FileInputStream(str);
            try {
                keyStore.load(fileInputStream2, str2.toCharArray());
                if (fileInputStream2 != null) {
                    fileInputStream2.close();
                }
                Enumeration<String> aliases = keyStore.aliases();
                if (aliases != null) {
                    while (aliases.hasMoreElements()) {
                        str3 = aliases.nextElement();
                        Certificate[] certificateChain = keyStore.getCertificateChain(str3);
                        if (certificateChain != null && certificateChain.length != 0) {
                            X509Certificate x509Certificate = (X509Certificate) certificateChain[0];
                            if (matchUsage(x509Certificate.getKeyUsage(), 1)) {
                                try {
                                    x509Certificate.checkValidity();
                                    break;
                                } catch (CertificateException unused) {
                                    continue;
                                }
                            } else {
                                continue;
                            }
                        }
                    }
                }
                if (str3 == null) {
                    throw new GeneralSecurityException("None certificate for sign in this keystore");
                }
                this.priKey = (PrivateKey) keyStore.getKey(str3, str2.toCharArray());
                this.cert = (X509Certificate) keyStore.getCertificate(str3);
            } catch (Throwable th) {
                th = th;
                fileInputStream = fileInputStream2;
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public byte[] sign(byte[] bArr) {
        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initSign(this.priKey);
        signature.update(bArr);
        return signature.sign();
    }
}
