package me.andpay.ti.s3.client;

import java.io.InputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import me.andpay.ti.util.ArrayUtil;
import me.andpay.ti.util.ByteUtil;
import me.andpay.ti.util.IOUtil;
import me.andpay.ti.util.StringUtil;

/* loaded from: classes3.dex */
public final class SimpleRSACryptoUtil {
    public static final String ALG_RSA = "RSA";
    private static final String CERT_TYPE_X509 = "X.509";
    private static final String KEYSTORE_TYPE_PFX = "PKCS12";
    public static final String SIGN_ALG_RSA_MD5 = "MD5WithRSA";
    public static final String SIGN_ALG_RSA_SHA1 = "SHA1WithRSA";
    public static final String SIGN_ALG_RSA_SHA256 = "SHA256WithRSA";

    private SimpleRSACryptoUtil() {
    }

    private static char[] convertPassword(String str) {
        if (StringUtil.isEmpty(str)) {
            return null;
        }
        return str.toCharArray();
    }

    public static byte[] decryptByPrivateKey(byte[] bArr, PrivateKey privateKey, boolean z) {
        return decryptByPrivateKey(bArr, privateKey, z, (String) null);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] decryptByPrivateKey(byte[] bArr, PrivateKey privateKey, boolean z, String str) {
        Cipher initRSACipher = initRSACipher(privateKey, ALG_RSA, z, str, 2);
        if (!(privateKey instanceof RSAPrivateKey)) {
            throw new RuntimeException("Only support RSAPrivateKey, key=" + privateKey.getClass());
        }
        int bitLength = ((RSAPrivateKey) privateKey).getModulus().bitLength() / 8;
        if (bArr.length <= bitLength) {
            try {
                return initRSACipher.doFinal(bArr);
            } catch (Exception e) {
                throw new RuntimeException("RSA decrypt by private key error, paddingMode=" + str, e);
            }
        }
        byte[][] split = ArrayUtil.split(bArr, bitLength);
        byte[][] bArr2 = new byte[split.length];
        for (int i = 0; i < split.length; i++) {
            try {
                bArr2[i] = initRSACipher.doFinal(split[i]);
            } catch (Exception e2) {
                throw new RuntimeException("RSA decrypt by private key error, paddingMode=" + str, e2);
            }
        }
        return ByteUtil.concat(bArr2);
    }

    public static byte[] decryptByPrivateKey(byte[] bArr, byte[] bArr2, boolean z) {
        return decryptByPrivateKey(bArr, bArr2, z, (String) null);
    }

    public static byte[] decryptByPrivateKey(byte[] bArr, byte[] bArr2, boolean z, String str) {
        return decryptByPrivateKey(bArr, genPrivateKey(bArr2), z, str);
    }

    public static byte[] encryptByPublicKey(byte[] bArr, PublicKey publicKey, boolean z) {
        return encryptByPublicKey(bArr, publicKey, z, (String) null);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] encryptByPublicKey(byte[] bArr, PublicKey publicKey, boolean z, String str) {
        Cipher initRSACipher = initRSACipher(publicKey, ALG_RSA, z, str, 1);
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new RuntimeException("Only support RSAPublicKey, key=" + publicKey.getClass());
        }
        int bitLength = (((RSAPublicKey) publicKey).getModulus().bitLength() / 8) - (RsaPaddingModes.OAEP_SHA1_MGF.equals(str) ? 42 : RsaPaddingModes.OAEP_MD5_MGF.equals(str) ? 34 : 11);
        if (bArr.length <= bitLength) {
            try {
                return initRSACipher.doFinal(bArr);
            } catch (Exception e) {
                throw new RuntimeException("RSA encrypt by public key error, paddingMode=" + str, e);
            }
        }
        byte[][] split = ArrayUtil.split(bArr, bitLength);
        byte[][] bArr2 = new byte[split.length];
        for (int i = 0; i < split.length; i++) {
            try {
                bArr2[i] = initRSACipher.doFinal(split[i]);
            } catch (Exception e2) {
                throw new RuntimeException("RSA encrypt by public key error, paddingMode=" + str, e2);
            }
        }
        return ByteUtil.concat(bArr2);
    }

    public static byte[] encryptByPublicKey(byte[] bArr, byte[] bArr2, boolean z) {
        return encryptByPublicKey(bArr, bArr2, z, (String) null);
    }

    public static byte[] encryptByPublicKey(byte[] bArr, byte[] bArr2, boolean z, String str) {
        return encryptByPublicKey(bArr, genPublicKey(bArr2), z, str);
    }

    public static PrivateKey genPrivateKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance(ALG_RSA).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new RuntimeException("Get private key by key data error", e);
        }
    }

    public static PublicKey genPublicKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance(ALG_RSA).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new RuntimeException("Get public key by key data error", e);
        }
    }

    public static PublicKey genPublicKeyByPrivateKey(PrivateKey privateKey) {
        if (!(privateKey instanceof RSAPrivateCrtKey)) {
            return null;
        }
        RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) privateKey;
        try {
            return KeyFactory.getInstance(ALG_RSA).generatePublic(new RSAPublicKeySpec(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent()));
        } catch (Exception e) {
            throw new RuntimeException("Gen public key error", e);
        }
    }

    public static KeyPair genRandomRSAKeyPair(int i) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALG_RSA);
            keyPairGenerator.initialize(i, new SecureRandom(ByteUtil.parseBytes(System.currentTimeMillis())));
            return keyPairGenerator.generateKeyPair();
        } catch (Exception unused) {
            throw new RuntimeException("Gen RSA key pair error, keySize=" + i);
        }
    }

    public static PublicKey getPublicKeyFromCer(InputStream inputStream) {
        try {
            try {
                return CertificateFactory.getInstance(CERT_TYPE_X509).generateCertificate(inputStream).getPublicKey();
            } catch (Exception e) {
                throw new RuntimeException("Get public key from cert error", e);
            }
        } finally {
            IOUtil.closeQuietly(inputStream);
        }
    }

    public static Cipher initRSACipher(Key key, String str, boolean z, int i) {
        return initRSACipher(key, str, z, null, i);
    }

    public static Cipher initRSACipher(Key key, String str, boolean z, String str2, int i) {
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        sb.append("/");
        sb.append(z ? "ECB" : "NONE");
        sb.append("/");
        if (!z) {
            str2 = "NoPadding";
        } else if (str2 == null) {
            str2 = RsaPaddingModes.PKCS;
        }
        sb.append(str2);
        try {
            Cipher cipher = Cipher.getInstance(sb.toString());
            cipher.init(i, key);
            return cipher;
        } catch (Exception e) {
            throw new RuntimeException("Init RSA cipher error, mode=" + i, e);
        }
    }

    public static byte[] signWithMD5(byte[] bArr, PrivateKey privateKey) {
        return signWithRSA(SIGN_ALG_RSA_MD5, bArr, privateKey);
    }

    public static byte[] signWithMD5(byte[] bArr, byte[] bArr2) {
        return signWithRSA(SIGN_ALG_RSA_MD5, bArr, genPrivateKey(bArr2));
    }

    private static byte[] signWithRSA(String str, byte[] bArr, PrivateKey privateKey) {
        try {
            Signature signature = Signature.getInstance(str);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            throw new RuntimeException("Sign by " + str + " error", e);
        }
    }

    public static byte[] signWithSHA1(byte[] bArr, PrivateKey privateKey) {
        return signWithRSA("SHA1WithRSA", bArr, privateKey);
    }

    public static byte[] signWithSHA1(byte[] bArr, byte[] bArr2) {
        return signWithRSA("SHA1WithRSA", bArr, genPrivateKey(bArr2));
    }

    public static byte[] signWithSHA256(byte[] bArr, PrivateKey privateKey) {
        return signWithRSA(SIGN_ALG_RSA_SHA256, bArr, privateKey);
    }

    public static byte[] signWithSHA256(byte[] bArr, byte[] bArr2) {
        return signWithRSA(SIGN_ALG_RSA_SHA256, bArr, genPrivateKey(bArr2));
    }

    public static boolean verifySignWithMD5(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        return verifySignWithRSA(SIGN_ALG_RSA_MD5, bArr, bArr2, publicKey);
    }

    public static boolean verifySignWithMD5(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verifySignWithRSA(SIGN_ALG_RSA_MD5, bArr, bArr2, genPublicKey(bArr3));
    }

    private static boolean verifySignWithRSA(String str, byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        try {
            Signature signature = Signature.getInstance(str);
            signature.initVerify(publicKey);
            signature.update(bArr2);
            return signature.verify(bArr);
        } catch (Exception e) {
            throw new RuntimeException("Verify sign by sha1 error", e);
        }
    }

    public static boolean verifySignWithSHA1(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        return verifySignWithRSA("SHA1WithRSA", bArr, bArr2, publicKey);
    }

    public static boolean verifySignWithSHA1(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verifySignWithRSA("SHA1WithRSA", bArr, bArr2, genPublicKey(bArr3));
    }

    public static boolean verifySignWithSHA256(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        return verifySignWithRSA(SIGN_ALG_RSA_SHA256, bArr, bArr2, publicKey);
    }

    public static boolean verifySignWithSHA256(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return verifySignWithRSA(SIGN_ALG_RSA_SHA256, bArr, bArr2, genPublicKey(bArr3));
    }
}
