package cfca.sadk.asn1.pkcs;

import cfca.sadk.algorithm.common.GMObjectIdentifiers;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.MechanismKit;
import cfca.sadk.algorithm.common.PKCSObjectIdentifiers;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.common.X9ObjectIdentifiers;
import cfca.sadk.algorithm.sm2.SM2PublicKey;
import cfca.sadk.asn1.parser.ASN1Parser;
import cfca.sadk.org.bouncycastle.asn1.ASN1EncodableVector;
import cfca.sadk.org.bouncycastle.asn1.ASN1Integer;
import cfca.sadk.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import cfca.sadk.org.bouncycastle.asn1.ASN1OctetString;
import cfca.sadk.org.bouncycastle.asn1.ASN1Primitive;
import cfca.sadk.org.bouncycastle.asn1.ASN1Sequence;
import cfca.sadk.org.bouncycastle.asn1.ASN1Set;
import cfca.sadk.org.bouncycastle.asn1.DEROctetString;
import cfca.sadk.org.bouncycastle.asn1.DERPrintableString;
import cfca.sadk.org.bouncycastle.asn1.DERSequence;
import cfca.sadk.org.bouncycastle.asn1.DERSet;
import cfca.sadk.org.bouncycastle.asn1.pkcs.RSAPublicKey;
import cfca.sadk.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cfca.sadk.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import cfca.sadk.org.bouncycastle.asn1.x9.X9ECParameters;
import cfca.sadk.org.bouncycastle.crypto.params.ECDomainParameters;
import cfca.sadk.org.bouncycastle.crypto.params.ECNamedDomainParameters;
import cfca.sadk.org.bouncycastle.crypto.params.ECPublicKeyParameters;
import cfca.sadk.org.bouncycastle.crypto.params.RSAKeyParameters;
import cfca.sadk.org.bouncycastle.crypto.util.PublicKeyFactory;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.ec.ECCSuportedCurves;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey;
import cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.sm.SM2Params;
import cfca.sadk.org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import cfca.sadk.org.bouncycastle.jce.spec.ECParameterSpec;
import cfca.sadk.org.bouncycastle.util.encoders.Hex;
import cfca.sadk.system.Mechanisms;
import java.io.IOException;
import java.security.PublicKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:cfca/sadk/asn1/pkcs/CSRPublicKeyHelper.class */
public abstract class CSRPublicKeyHelper {
    CSRPublicKeyHelper() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String buildCurveNameFrom(Mechanism mechanism) throws PKIException {
        String curveName = mechanism.getCurveName();
        if (curveName == null) {
            curveName = ECCSuportedCurves.PRIME256V1;
        } else if (!ECCSuportedCurves.isSupportedCurve(curveName)) {
            throw new PKIException("buildCurveNameFrom Failure: unsupported curveName: " + curveName);
        }
        return curveName;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SubjectPublicKeyInfo buildSubjectPublicKeyInfoFrom(PublicKey publicKey) throws PKIException {
        if (publicKey == null) {
            throw new IllegalArgumentException("buildSubjectPublicKeyInfoFrom parameter invalid: publicKey ==null");
        }
        byte[] encoded = publicKey.getEncoded();
        if (encoded == null) {
            throw new IllegalArgumentException("buildSubjectPublicKeyInfoFrom parameter invalid: encoding of publicKey ==null");
        }
        return SubjectPublicKeyInfo.getInstance(encoded);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static DERSet buildTemporaryPublicKeyP10Attributes(PublicKey publicKey, String str, String str2) throws PKIException {
        DEROctetString dEROctetString;
        if (publicKey == null) {
            throw new PKIException("buildTemporaryPublicKeyP10Attributes parameter invalid: temporaryPublicKey=null");
        }
        if (str == null) {
            throw new PKIException("buildTemporaryPublicKeyP10Attributes parameter invalid: challengePassword=null");
        }
        if (str2 == null) {
            throw new PKIException("buildTemporaryPublicKeyP10Attributes parameter invalid: keyType=null");
        }
        SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        DERPrintableString dERPrintableString = new DERPrintableString(str);
        aSN1EncodableVector.add(PKCSObjectIdentifiers.pkcs_9_at_challengePassword);
        aSN1EncodableVector.add(dERPrintableString);
        DERSequence dERSequence = new DERSequence(aSN1EncodableVector);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(PKCSObjectIdentifiers.pkcs_9_at_tempPublicKey);
        ASN1Integer aSN1Integer = new ASN1Integer(1L);
        if (MechanismKit.RSA.equals(str2)) {
            try {
                dEROctetString = new DEROctetString(subjectPublicKeyInfo.parsePublicKey());
            } catch (IOException e) {
                throw new PKIException("buildTemporaryPublicKeyP10Attributes Failure: temporaryPublicKeyInfo to ASN1Object failure", e);
            }
        } else {
            if (!MechanismKit.SM2.equals(str2)) {
                if (MechanismKit.ECC.equals(str2)) {
                    throw new PKIException("buildTemporaryPublicKeyP10Attributes do not support keyType=ECC ");
                }
                throw new PKIException("buildTemporaryPublicKeyP10Attributes do not support  keyType=" + str2);
            }
            dEROctetString = new DEROctetString(buildTemporaryPublicKeySM2Data(subjectPublicKeyInfo));
        }
        ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
        aSN1EncodableVector3.add(aSN1Integer);
        aSN1EncodableVector3.add(dEROctetString);
        try {
            aSN1EncodableVector2.add(new DEROctetString(new DERSequence(aSN1EncodableVector3)));
            DERSequence dERSequence2 = new DERSequence(aSN1EncodableVector2);
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            aSN1EncodableVector4.add(dERSequence);
            aSN1EncodableVector4.add(dERSequence2);
            return new DERSet(aSN1EncodableVector4);
        } catch (IOException e2) {
            throw new PKIException("buildTemporaryPublicKeyP10Attributes temporaryPublicKeyInfo to OctetString failure", e2);
        }
    }

    static byte[] buildTemporaryPublicKeySM2Data(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        byte[] bArr = new byte[136];
        byte[] bytes = subjectPublicKeyInfo.getPublicKeyData().getBytes();
        byte[] bArr2 = new byte[32];
        byte[] bArr3 = new byte[32];
        System.arraycopy(bytes, 1, bArr2, 0, 32);
        System.arraycopy(bytes, 33, bArr3, 0, 32);
        System.arraycopy(new byte[]{0, -76, 0, 0}, 0, bArr, 0, 4);
        System.arraycopy(new byte[]{0, 1, 0, 0}, 0, bArr, 4, 4);
        System.arraycopy(bArr2, 0, bArr, 8, 32);
        System.arraycopy(bArr3, 0, bArr, 72, 32);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] buildTemporaryPublicKeyDataFromP10(ASN1Set aSN1Set) throws PKIException {
        byte[] bArr = null;
        if (aSN1Set != null && aSN1Set.size() >= 2) {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1Set.getObjectAt(1);
            if (PKCSObjectIdentifiers.pkcs_9_at_tempPublicKey.equals(ASN1ObjectIdentifier.getInstance(aSN1Sequence.getObjectAt(0)))) {
                bArr = ((ASN1OctetString) ASN1Parser.parseOCT2SEQ(ASN1OctetString.getInstance(aSN1Sequence.getObjectAt(1))).getObjectAt(1)).getOctets();
            }
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey buildPublicKeyFrom(SubjectPublicKeyInfo subjectPublicKeyInfo) throws PKIException {
        PublicKey buildECCPublicKeyFrom;
        if (subjectPublicKeyInfo == null) {
            throw new IllegalArgumentException("buildPublicKeyFrom parameter invalid: subjectPublicKeyInfo ==null");
        }
        AlgorithmIdentifier algorithm = subjectPublicKeyInfo.getAlgorithm();
        if (Mechanisms.isSM2PublicKey(algorithm)) {
            buildECCPublicKeyFrom = buildSM2PublicKeyFrom(subjectPublicKeyInfo);
        } else if (Mechanisms.isRSAPublicKey(algorithm)) {
            buildECCPublicKeyFrom = buildRSAPublicKeyFrom(subjectPublicKeyInfo);
        } else {
            if (!Mechanisms.isECCPublicKey(algorithm)) {
                try {
                    throw new PKIException("buildPublicKeyFrom failure: can not support this key type: " + Hex.toHexString(subjectPublicKeyInfo.getEncoded()));
                } catch (IOException e) {
                    throw new PKIException("buildPublicKeyFrom failure when get subjectPublicKeyInfo asn1-encoding");
                }
            }
            buildECCPublicKeyFrom = buildECCPublicKeyFrom(subjectPublicKeyInfo);
        }
        return buildECCPublicKeyFrom;
    }

    private static PublicKey buildECCPublicKeyFrom(SubjectPublicKeyInfo subjectPublicKeyInfo) throws PKIException {
        BCECPublicKey bCECPublicKey;
        if (subjectPublicKeyInfo == null) {
            throw new PKIException("buildECCPublicKeyFrom parameter invalid: subjectPublicKeyInfo ==null");
        }
        try {
            ECPublicKeyParameters eCPublicKeyParameters = (ECPublicKeyParameters) PublicKeyFactory.createKey(subjectPublicKeyInfo);
            if (eCPublicKeyParameters.getParameters() instanceof ECNamedDomainParameters) {
                ECNamedDomainParameters eCNamedDomainParameters = (ECNamedDomainParameters) eCPublicKeyParameters.getParameters();
                bCECPublicKey = new BCECPublicKey("EC", eCPublicKeyParameters, new ECNamedCurveParameterSpec(eCNamedDomainParameters.getName().getId(), eCNamedDomainParameters.getCurve(), eCNamedDomainParameters.getG(), eCNamedDomainParameters.getN(), eCNamedDomainParameters.getH(), eCNamedDomainParameters.getSeed()));
            } else {
                if (!(eCPublicKeyParameters.getParameters() instanceof ECDomainParameters)) {
                    throw new PKIException("buildECCPublicKeyFrom invalid algorithm&parameters: " + eCPublicKeyParameters.getParameters());
                }
                ECDomainParameters parameters = eCPublicKeyParameters.getParameters();
                bCECPublicKey = new BCECPublicKey("EC", eCPublicKeyParameters, new ECParameterSpec(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH(), parameters.getSeed()));
            }
            return bCECPublicKey;
        } catch (IOException e) {
            throw new PKIException("buildECCPublicKeyFrom convert to ECPublicKeyParameters failed", e);
        }
    }

    private static PublicKey buildSM2PublicKeyFrom(SubjectPublicKeyInfo subjectPublicKeyInfo) throws PKIException {
        if (subjectPublicKeyInfo == null) {
            throw new PKIException("buildSM2PublicKeyFrom parameter invalid: subjectPublicKeyInfo ==null");
        }
        byte[] bytes = subjectPublicKeyInfo.getPublicKeyData().getBytes();
        if (bytes.length != 65) {
            throw new PKIException("buildSM2PublicKeyFrom Failure: PublicKeyData[bitstring] required 65-bytes and start with 0x04");
        }
        return new SM2PublicKey(bytes);
    }

    private static PublicKey buildRSAPublicKeyFrom(SubjectPublicKeyInfo subjectPublicKeyInfo) throws PKIException {
        if (subjectPublicKeyInfo == null) {
            throw new PKIException("buildRSAPublicKeyFrom parameter invalid: subjectPublicKeyInfo ==null");
        }
        try {
            return new BCRSAPublicKey((RSAKeyParameters) PublicKeyFactory.createKey(subjectPublicKeyInfo));
        } catch (IOException e) {
            throw new PKIException("buildRSAPublicKeyFrom convert to RSAKeyParameters failed", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey buildTemporaryPublicKeyFromP10(ASN1Set aSN1Set, PublicKey publicKey) throws PKIException {
        PublicKey publicKey2 = null;
        byte[] buildTemporaryPublicKeyDataFromP10 = buildTemporaryPublicKeyDataFromP10(aSN1Set);
        if (buildTemporaryPublicKeyDataFromP10 != null) {
            String decodeP10PublicKeyType = decodeP10PublicKeyType(publicKey);
            if (MechanismKit.RSA.equals(decodeP10PublicKeyType)) {
                RSAPublicKey rSAPublicKey = RSAPublicKey.getInstance(buildTemporaryPublicKeyDataFromP10);
                publicKey2 = new BCRSAPublicKey(new RSAKeyParameters(false, rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent()));
            } else if (MechanismKit.SM2.equals(decodeP10PublicKeyType)) {
                byte[] bArr = new byte[32];
                byte[] bArr2 = new byte[32];
                System.arraycopy(buildTemporaryPublicKeyDataFromP10, 8, bArr, 0, 32);
                System.arraycopy(buildTemporaryPublicKeyDataFromP10, 72, bArr2, 0, 32);
                publicKey2 = new SM2PublicKey(bArr, bArr2);
            } else if (!MechanismKit.ECC.equals(decodeP10PublicKeyType)) {
                throw new PKIException("buildTemporaryPublicKeyFromP10 failed: do not supprt PublicKey-->" + publicKey.getClass());
            }
        }
        return publicKey2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int buildP10PublicKeySize(PublicKey publicKey) throws PKIException {
        if (publicKey == null) {
            throw new PKIException("buildP10PublicKeySize parameter invalid: publicKey ==null");
        }
        int buildP10RecognizablePublicKeySize = buildP10RecognizablePublicKeySize(publicKey);
        if (buildP10RecognizablePublicKeySize == 0) {
            buildP10RecognizablePublicKeySize = buildP10RecognizablePublicKeySize(buildPublicKeyFrom(buildSubjectPublicKeyInfoFrom(publicKey)));
        }
        if (buildP10RecognizablePublicKeySize == 0) {
            throw new PKIException("buildP10PublicKeySize parameter invalid keyType: " + publicKey.getClass());
        }
        return buildP10RecognizablePublicKeySize;
    }

    private static int buildP10RecognizablePublicKeySize(PublicKey publicKey) throws PKIException {
        if (publicKey == null) {
            throw new PKIException("buildP10PublicKeySize parameter invalid: publicKey ==null");
        }
        int i = 0;
        if (publicKey instanceof SM2PublicKey) {
            i = 256;
        } else if (publicKey instanceof java.security.interfaces.RSAPublicKey) {
            i = ((java.security.interfaces.RSAPublicKey) publicKey).getModulus().bitLength();
        } else if (publicKey instanceof BCECPublicKey) {
            i = ((BCECPublicKey) publicKey).getQ().getCurve().getFieldSize();
        } else if (MechanismKit.SM2.equalsIgnoreCase(publicKey.getAlgorithm())) {
            i = 256;
        }
        return i;
    }

    static String buildP10PublicKeyType(SubjectPublicKeyInfo subjectPublicKeyInfo) throws PKIException {
        String str;
        boolean z;
        if (subjectPublicKeyInfo == null) {
            throw new PKIException("buildP10PublicKeyType parameter invalid: subjectPublicKeyInfo ==null");
        }
        AlgorithmIdentifier algorithm = subjectPublicKeyInfo.getAlgorithm();
        ASN1ObjectIdentifier algorithm2 = algorithm.getAlgorithm();
        if (PKCSObjectIdentifiers.rsaEncryption.equals(algorithm2)) {
            str = MechanismKit.RSA;
        } else if (GMObjectIdentifiers.sm2.equals(algorithm2) || GMObjectIdentifiers.sm2_old.equals(algorithm2)) {
            str = MechanismKit.SM2;
        } else {
            if (!X9ObjectIdentifiers.id_ecPublicKey.equals(algorithm2)) {
                throw new PKIException("buildP10PublicKeyType parameter invalid oidAlgorithm: " + algorithm2.getId());
            }
            ASN1Primitive aSN1Primitive = algorithm.getParameters().toASN1Primitive();
            if (aSN1Primitive.isConstructed()) {
                ECParameterSpec eCParameterSpec = SM2Params.sm2ParameterSpec;
                X9ECParameters x9ECParameters = X9ECParameters.getInstance(DERSequence.getInstance(aSN1Primitive));
                z = x9ECParameters.getG().equals(eCParameterSpec.getG()) && x9ECParameters.getCurve().equals(eCParameterSpec.getCurve());
            } else {
                z = aSN1Primitive.equals(X9ObjectIdentifiers.sm2PubKey) || aSN1Primitive.equals(X9ObjectIdentifiers.sm2PubKey_OLD);
            }
            str = z ? MechanismKit.SM2 : MechanismKit.ECC;
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String decodeP10PublicKeyType(PublicKey publicKey) throws PKIException {
        if (publicKey == null) {
            throw new PKIException("buildP10PublicKeyType parameter invalid: publicKey ==null");
        }
        String algorithm = publicKey.getAlgorithm();
        return publicKey instanceof SM2PublicKey ? MechanismKit.SM2 : publicKey instanceof java.security.interfaces.RSAPublicKey ? MechanismKit.RSA : publicKey instanceof BCECPublicKey ? MechanismKit.ECC : MechanismKit.SM2.equalsIgnoreCase(algorithm) ? MechanismKit.SM2 : MechanismKit.RSA.equalsIgnoreCase(algorithm) ? MechanismKit.RSA : MechanismKit.ECC.equalsIgnoreCase(algorithm) ? MechanismKit.SM2 : buildP10PublicKeyType(buildSubjectPublicKeyInfoFrom(publicKey));
    }
}
