package cfca.sadk.extend.session.bridge.impl.rsa;

import cfca.sadk.extend.session.CryptoException;
import cfca.sadk.extend.session.CryptoParameterException;
import cfca.sadk.extend.session.util.DataHelper;
import cfca.sadk.org.bouncycastle.crypto.params.RSAKeyParameters;
import cfca.sadk.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
import cfca.sadk.system.logging.LoggerManager;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

/* loaded from: input_file:cfca/sadk/extend/session/bridge/impl/rsa/RSACardKeyHelper.class */
public final class RSACardKeyHelper {
    private RSACardKeyHelper() {
    }

    public static RSAPublicKey buildPublicKey(PublicKey publicKey) throws CryptoException {
        RSACardPublicKey buildExternalSoftKey;
        if (publicKey == null) {
            throw new CryptoParameterException("RSACard buildExternalPublicKey failure with null publicKey");
        }
        if (publicKey instanceof RSACardPublicKey) {
            buildExternalSoftKey = (RSACardPublicKey) publicKey;
        } else {
            if (!(publicKey instanceof RSAPublicKey)) {
                throw new CryptoException("RSACard buildExternalPublicKey failure with not support key: " + publicKey.getClass());
            }
            buildExternalSoftKey = RSACardPublicKey.buildExternalSoftKey(buildExternalKeyData((RSAPublicKey) publicKey));
        }
        return buildExternalSoftKey;
    }

    public static RSAPublicKey buildExternalPublicKey(byte[] bArr) throws CryptoException {
        if (bArr == null) {
            throw new CryptoParameterException("RSACard buildExternalPublicKey failure with null pubKeyData");
        }
        try {
            return RSACardPublicKey.buildExternalSoftKey(bArr);
        } catch (Exception e) {
            if (LoggerManager.exceptionLogger.isErrorEnabled()) {
                LoggerManager.exceptionLogger.error("RSACard buildExternalPublicKey failure with invalid pubKeyData: {}", DataHelper.dump4KPartData(bArr), e);
            }
            throw new CryptoException("RSACard buildExternalPublicKey failure with invalid pubKeyData", e);
        }
    }

    public static RSAPublicKey buildInternalPublicKey(int i, int i2, byte[] bArr) throws CryptoException {
        if (i <= 0) {
            throw new CryptoParameterException("RSACard buildInternalPublicKey failure with keyIndex=" + i);
        }
        if (bArr == null) {
            throw new CryptoParameterException("RSACard buildInternalPublicKey failure with null pubKeyData");
        }
        try {
            return RSACardPublicKey.buildInternalHardKey(i, i2, bArr);
        } catch (Exception e) {
            if (LoggerManager.exceptionLogger.isErrorEnabled()) {
                LoggerManager.exceptionLogger.error("RSACard buildInternalPublicKey failure with invalid pubKeyData: {}, keyIndex={}", new Object[]{DataHelper.dump4KPartData(bArr), Integer.valueOf(i), e});
            }
            throw new CryptoException("RSACard buildInternalPublicKey failure with invalid pubKeyData", e);
        }
    }

    public static RSAPrivateKey buildPrivateKey(PrivateKey privateKey) throws CryptoException {
        RSAPrivateKey rSAPrivateKey;
        if (privateKey == null) {
            throw new CryptoParameterException("RSACard buildExternalPrivateKey failure with null privateKey");
        }
        if (privateKey instanceof RSACardExternalPrivateKey) {
            rSAPrivateKey = (RSACardExternalPrivateKey) privateKey;
        } else if (privateKey instanceof RSACardInternalPrivateKey) {
            rSAPrivateKey = (RSACardInternalPrivateKey) privateKey;
        } else if (privateKey instanceof RSAPrivateCrtKey) {
            RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) privateKey;
            rSAPrivateKey = isValidRSAPrivateCrtKey(rSAPrivateCrtKey) ? new RSACardExternalPrivateKey(buildExternalKeyData(rSAPrivateCrtKey)) : (RSAPrivateKey) privateKey;
        } else {
            if (!(privateKey instanceof RSAPrivateKey)) {
                throw new CryptoParameterException("RSACard buildExternalPrivateKey failure with not RSAPrivateKey");
            }
            rSAPrivateKey = (RSAPrivateKey) privateKey;
        }
        return rSAPrivateKey;
    }

    public static RSAPrivateKey buildExternalPrivateKey(byte[] bArr) throws CryptoException {
        if (bArr == null) {
            throw new CryptoParameterException("RSACard buildExternalPrivateKey failure with null priKeyData");
        }
        try {
            return new RSACardExternalPrivateKey(bArr);
        } catch (Exception e) {
            if (LoggerManager.exceptionLogger.isErrorEnabled()) {
                LoggerManager.exceptionLogger.error("RSACard buildExternalPrivateKey failure with invalid priKeyData: {}", DataHelper.dump4KPartData(bArr), e);
            }
            throw new CryptoException("RSACard buildExternalPrivateKey failure with invalid priKeyData", e);
        }
    }

    public static RSAPrivateKey buildInternalPrivateKey(int i, int i2, byte[] bArr) throws CryptoException {
        if (i <= 0) {
            throw new CryptoParameterException("RSACard buildInternalPrivateKey failure with keyIndex=" + i);
        }
        if (bArr == null) {
            throw new CryptoParameterException("RSACard buildInternalPrivateKey failure with null pubKeyData");
        }
        try {
            return new RSACardInternalPrivateKey(i, i2, bArr);
        } catch (Exception e) {
            if (LoggerManager.exceptionLogger.isErrorEnabled()) {
                LoggerManager.exceptionLogger.error("RSACard buildInternalPrivateKey failure with invalid pubKeyData: {}, keyIndex={}", new Object[]{DataHelper.dump4KPartData(bArr), Integer.valueOf(i), e});
            }
            throw new CryptoException("RSACard buildInternalPrivateKey failure with invalid pubKeyData", e);
        }
    }

    private static byte[] buildExternalKeyData(RSAPublicKey rSAPublicKey) throws CryptoException {
        if (rSAPublicKey == null) {
            throw new CryptoParameterException("RSACard buildExternalKeyData failure: missing publicKey");
        }
        return (byte[]) new RSACardRefPublicKeyParams(new RSAKeyParameters(false, rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent())).keyData.clone();
    }

    private static byte[] buildExternalKeyData(RSAPrivateCrtKey rSAPrivateCrtKey) throws CryptoException {
        if (rSAPrivateCrtKey == null) {
            throw new CryptoParameterException("RSACard buildExternalKeyData failure: missing privateKey");
        }
        return (byte[]) new RSACardRefPrivateKeyParams(new RSAPrivateCrtKeyParameters(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent(), rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPrimeExponentP(), rSAPrivateCrtKey.getPrimeExponentQ(), rSAPrivateCrtKey.getCrtCoefficient())).keyData.clone();
    }

    private static boolean isValidRSAPrivateCrtKey(RSAPrivateCrtKey rSAPrivateCrtKey) {
        boolean z;
        if (rSAPrivateCrtKey == null) {
            z = false;
        } else {
            BigInteger modulus = rSAPrivateCrtKey.getModulus();
            BigInteger publicExponent = rSAPrivateCrtKey.getPublicExponent();
            int bitLength = (((7 + modulus.bitLength()) >> 3) << 3) >> 1;
            z = checkBitLength(modulus, 4096) && checkBitLength(publicExponent, 32) && checkBitLength(rSAPrivateCrtKey.getPrivateExponent(), 4096) && checkBitLength(rSAPrivateCrtKey.getPrimeP(), bitLength) && checkBitLength(rSAPrivateCrtKey.getPrimeQ(), bitLength) && checkBitLength(rSAPrivateCrtKey.getPrimeExponentP(), bitLength) && checkBitLength(rSAPrivateCrtKey.getPrimeExponentQ(), bitLength) && checkBitLength(rSAPrivateCrtKey.getCrtCoefficient(), bitLength);
        }
        return z;
    }

    private static boolean checkBitLength(BigInteger bigInteger, int i) {
        boolean z;
        if (bigInteger == null) {
            z = false;
        } else {
            int bitLength = bigInteger.bitLength();
            z = bitLength > 0 && bitLength <= i;
        }
        return z;
    }
}
