package bluecrystal.bcdeps.helper;

import bluecrystal.domain.helper.IttruLoggerFactory;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Enumeration;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Store;

/* loaded from: input_file:bluecrystal/bcdeps/helper/PkiOps.class */
public class PkiOps {
    private static final String SHA1WITH_RSA = "SHA1withRSA";
    private static final String SHA224WITH_RSA = "SHA224withRSA";
    private static final String SHA256WITH_RSA = "SHA256withRSA";
    private static final String SHA384WITH_RSA = "SHA384withRSA";
    private static final String SHA512WITH_RSA = "SHA512withRSA";
    private static final long MAXLENGTH = 104857600;

    public boolean verify(String str, String str2) throws Exception {
        byte[] loadEnv = loadEnv(str2);
        return verify(str != null ? new CMSSignedData(new CMSProcessableByteArray(getBytesFromFile(new File(str))), loadEnv) : new CMSSignedData(loadEnv));
    }

    public static byte[] signSha1(PrivateKey privateKey, byte[] bArr) throws Exception {
        return signByAlg(privateKey, bArr, SHA1WITH_RSA);
    }

    public static byte[] signSha224(PrivateKey privateKey, byte[] bArr) throws Exception {
        return signByAlg(privateKey, bArr, SHA224WITH_RSA);
    }

    public static byte[] signSha256(PrivateKey privateKey, byte[] bArr) throws Exception {
        return signByAlg(privateKey, bArr, SHA256WITH_RSA);
    }

    public static byte[] signSha384(PrivateKey privateKey, byte[] bArr) throws Exception {
        return signByAlg(privateKey, bArr, SHA384WITH_RSA);
    }

    public static byte[] signSha512(PrivateKey privateKey, byte[] bArr) throws Exception {
        return signByAlg(privateKey, bArr, SHA512WITH_RSA);
    }

    private static byte[] signByAlg(PrivateKey privateKey, byte[] bArr, String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(str);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public byte[] calcSha1(byte[] bArr) throws NoSuchAlgorithmException {
        return calcSha(bArr, "SHA1");
    }

    public byte[] calcSha224(byte[] bArr) throws NoSuchAlgorithmException {
        return calcSha(bArr, "SHA224");
    }

    public byte[] calcSha256(byte[] bArr) throws NoSuchAlgorithmException {
        return calcSha(bArr, "SHA256");
    }

    public byte[] calcSha384(byte[] bArr) throws NoSuchAlgorithmException {
        return calcSha(bArr, "SHA384");
    }

    public byte[] calcSha512(byte[] bArr) throws NoSuchAlgorithmException {
        return calcSha(bArr, "SHA512");
    }

    private byte[] calcSha(byte[] bArr, String str) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        messageDigest.reset();
        messageDigest.update(bArr);
        return messageDigest.digest();
    }

    public boolean verify(CMSSignedData cMSSignedData) throws Exception {
        boolean z = true;
        Store certificates = cMSSignedData.getCertificates();
        for (SignerInformation signerInformation : cMSSignedData.getSignerInfos().getSigners()) {
            signerInformation.getSID();
            Collection matches = certificates.getMatches(signerInformation.getSID());
            if (matches.size() > 1) {
                return false;
            }
            z = signerInformation.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(new JcaX509CertificateConverter().setProvider("BC").getCertificate((X509CertificateHolder) matches.iterator().next())));
            if (!z) {
                return false;
            }
        }
        return z;
    }

    public X509Certificate loadCertFromP12(String str, String str2) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
        return loadCertFromP12(new FileInputStream(str), str2);
    }

    public X509Certificate loadCertFromP12(InputStream inputStream, String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
        String nextElement;
        X509Certificate x509Certificate = null;
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(inputStream, str.toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            try {
                nextElement = aliases.nextElement();
            } catch (UnrecoverableKeyException e) {
                e.printStackTrace();
            }
            if (((PrivateKey) keyStore.getKey(nextElement, str.toCharArray())) != null) {
                x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                break;
            }
            continue;
        }
        return x509Certificate;
    }

    public PrivateKey loadPrivFromP12(String str, String str2) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
        return loadPrivFromP12(new FileInputStream(str), str2);
    }

    public PrivateKey loadPrivFromP12(InputStream inputStream, String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
        PrivateKey privateKey = null;
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(inputStream, str.toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            try {
                privateKey = (PrivateKey) keyStore.getKey(aliases.nextElement(), str.toCharArray());
            } catch (UnrecoverableKeyException e) {
                e.printStackTrace();
            }
            if (privateKey != null) {
                break;
            }
        }
        return privateKey;
    }

    private static byte[] getBytesFromFile(File file) throws IOException {
        InputStream inputStream = null;
        try {
            long length = file.length();
            if (length > MAXLENGTH) {
                throw new IllegalArgumentException("File is too big");
            }
            byte[] bArr = new byte[(int) length];
            FileInputStream fileInputStream = new FileInputStream(file);
            fileInputStream.read(bArr);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                }
            }
            return bArr;
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }

    private byte[] loadEnv(String str) throws FileNotFoundException, IOException {
        File file = new File(str);
        if (!file.exists()) {
            IttruLoggerFactory.get().println("Nao existe: " + str);
        }
        byte[] bArr = new byte[(int) file.length()];
        DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
        dataInputStream.readFully(bArr);
        dataInputStream.close();
        return bArr;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
