package com.ksign.wizsign.others.smartchannel.crypt;

import com.ksign.wizsign.others.smartchannel.crypt.impl.CuBASE64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Random;
import javak.crypto.Cipher;
import javak.crypto.Mac;
import javak.crypto.SecretKey;
import javak.crypto.spec.IvParameterSpec;
import javak.crypto.spec.SecretKeySpec;
import ksign.jce.provider.pkcs.PKCS5;
import ksign.jce.provider.pkcs.PKCS7;
import ksign.jce.util.Base64;
import ksign.jce.util.JCEUtil;

/* loaded from: classes.dex */
public class WSCipherUtil {
    private String m_Algorithm;
    private IvParameterSpec m_IvSpec;
    private SecretKey m_SecretKey;

    public WSCipherUtil(String str, byte[] bArr, byte[] bArr2) {
        this.m_IvSpec = null;
        this.m_SecretKey = null;
        this.m_Algorithm = null;
        this.m_Algorithm = str;
        this.m_SecretKey = new SecretKeySpec(bArr, str);
        this.m_IvSpec = new IvParameterSpec(bArr2);
    }

    public static byte[] RSADecrypt(byte[] bArr, PrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance("RSA", "Ksign");
            cipher.init(2, privateKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] RSAEncryptWithPublicKey(byte[] bArr, PublicKey publicKey) {
        try {
            Cipher cipher = Cipher.getInstance("RSA", "Ksign");
            cipher.init(1, publicKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] decodeBase64(String str) {
        try {
            return CuBASE64.decode(str.getBytes());
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] doDecodeDecryptRSA(String str, String str2, String str3, String str4) {
        try {
            return PKCS7.verifyPKCS7(new ByteArrayInputStream(Base64.decode(str)), readServerCertificate(str3), readServerPrivateKey(str2, str4), null);
        } catch (Exception e) {
            e.printStackTrace();
            throw e;
        }
    }

    public static String doEncryptEncodeRSA(String str, String str2) {
        try {
            return new String(CuBASE64.encode(PKCS7.envelopedData(str.getBytes(), new Certificate[]{readServerCertificate(str2)}, "SEED")));
        } catch (Exception e) {
            throw e;
        }
    }

    public static String doEncryptEncodeRSA(String str, Certificate certificate) {
        try {
            return new String(CuBASE64.encode(PKCS7.envelopedData(str.getBytes(), new Certificate[]{certificate}, "SEED")));
        } catch (Exception e) {
            throw e;
        }
    }

    public static String doEncryptEncodeRSA(byte[] bArr, String str) {
        try {
            Certificate readServerCertificate = readServerCertificate(str);
            if (readServerCertificate == null) {
                System.out.println("cert is null");
            }
            return new String(CuBASE64.encode(PKCS7.envelopedData(bArr, new Certificate[]{readServerCertificate}, "SEED")));
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] doHMac(byte[] bArr, byte[] bArr2, String str) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, str);
            Mac mac = Mac.getInstance(str, "Ksign");
            mac.init(secretKeySpec);
            mac.update(bArr2);
            return mac.doFinal();
        } catch (Exception e) {
            throw e;
        }
    }

    public static String encodeBase64(byte[] bArr) {
        try {
            return new String(CuBASE64.encode(bArr));
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] genRandomKey(int i) {
        try {
            byte[] bArr = new byte[i];
            new Random().nextBytes(bArr);
            return bArr;
        } catch (Exception e) {
            throw e;
        }
    }

    public static String getCertDN(String str) {
        JCEUtil.initProvider();
        try {
            Certificate[] certsForPKCS7 = PKCS7.getCertsForPKCS7(new ByteArrayInputStream(Base64.decode(str)));
            if (certsForPKCS7 == null) {
                throw new Exception("Fail to get certificate from signed data");
            }
            return ((X509Certificate) certsForPKCS7[0]).getSubjectDN().toString();
        } catch (Exception e) {
            throw e;
        }
    }

    public static WSCipherUtil getMasterCipherUtil(String str, String str2, String str3, String str4) {
        byte[] bArr = new byte[16];
        byte[] bArr2 = new byte[16];
        try {
            byte[] doDecodeDecryptRSA = doDecodeDecryptRSA(str, str4, str2, str3);
            System.arraycopy(doDecodeDecryptRSA, 0, bArr, 0, 16);
            System.arraycopy(doDecodeDecryptRSA, 0, bArr2, 0, 16);
            return new WSCipherUtil("SEED", bArr, bArr2);
        } catch (Exception e) {
            throw e;
        }
    }

    public static Certificate readServerCertificate(String str) {
        try {
            return CertificateFactory.getInstance("X.509", "Ksign").generateCertificate(new FileInputStream(str));
        } catch (Exception e) {
            throw e;
        }
    }

    public static PrivateKey readServerPrivateKey(String str, String str2) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str2);
            char[] charArray = str.toCharArray();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            PKCS5.PKCS5Decode(fileInputStream, charArray, byteArrayOutputStream);
            fileInputStream.close();
            return KeyFactory.getInstance("RSA", "Ksign").generatePrivate(new PKCS8EncodedKeySpec(PKCS5.privateKeyInfoEncodeValue(byteArrayOutputStream.toByteArray())));
        } catch (Exception e) {
            throw e;
        }
    }

    public byte[] decryptMasterKeyWithCert(String str, String str2, String str3, String str4) {
        try {
            return doDecodeDecryptRSA(str, str4, str2, str3);
        } catch (Exception e) {
            throw e;
        }
    }

    public byte[] doDecodeDecrypt(String str) {
        try {
            return doDecrypt(Base64.decode(str.getBytes()));
        } catch (Exception e) {
            throw e;
        }
    }

    public byte[] doDecrypt(byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance(this.m_Algorithm + "/CBC/PKCS5Padding", "Ksign");
            cipher.init(2, this.m_SecretKey, this.m_IvSpec);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw e;
        }
    }
}
