package ru.i_novus.common.sign.util;

import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.engines.RC2Engine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.pkcs.PKCS12PfxPdu;
import org.bouncycastle.pkcs.PKCS12PfxPduBuilder;
import org.bouncycastle.pkcs.PKCS12SafeBag;
import org.bouncycastle.pkcs.bc.BcPKCS12MacCalculatorBuilder;
import org.bouncycastle.pkcs.bc.BcPKCS12PBEOutputEncryptorBuilder;
import org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.i_novus.common.sign.api.SignAlgorithmType;

/* loaded from: input_file:ru/i_novus/common/sign/util/CryptoIO.class */
public class CryptoIO {
    private static final Logger logger = LoggerFactory.getLogger(CryptoIO.class);
    private static final int BUFFER_SIZE = 1024;

    private CryptoIO() {
    }

    public static CryptoIO getInstance() {
        return new CryptoIO();
    }

    public PKCS8EncodedKeySpec readPkFromDER(String str) {
        return new PKCS8EncodedKeySpec(Files.readAllBytes(Paths.get(str, new String[0])));
    }

    public PrivateKey readPkFromPEM(Path path, SignAlgorithmType signAlgorithmType) {
        return CryptoFormatConverter.getInstance().getPKFromPEMEncoded(signAlgorithmType, new String(Files.readAllBytes(path)));
    }

    public X509CertificateHolder readCertFromDER(String str) {
        return new X509CertificateHolder(Files.readAllBytes(Paths.get(str, new String[0])));
    }

    public X509Certificate readCertFromPEM(Path path) {
        return CryptoFormatConverter.getInstance().getCertificateFromPEMEncoded(new String(Files.readAllBytes(path)));
    }

    public String writeCertToDERFile(X509CertificateHolder x509CertificateHolder, Path path) {
        if (path.toFile().exists()) {
            Files.delete(path);
        }
        OutputStream newOutputStream = Files.newOutputStream(path, StandardOpenOption.CREATE);
        Throwable th = null;
        try {
            try {
                newOutputStream.write(x509CertificateHolder.getEncoded());
                if (newOutputStream != null) {
                    if (0 != 0) {
                        try {
                            newOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newOutputStream.close();
                    }
                }
                return path.toString();
            } finally {
            }
        } finally {
        }
    }

    public byte[] writeCertToByteArray(X509CertificateHolder x509CertificateHolder) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(x509CertificateHolder.getEncoded());
        return byteArrayOutputStream.toByteArray();
    }

    public String writePKToDERFile(KeyPair keyPair, Path path) {
        if (path.toFile().exists()) {
            Files.delete(path);
        }
        OutputStream newOutputStream = Files.newOutputStream(path, StandardOpenOption.CREATE);
        Throwable th = null;
        try {
            try {
                newOutputStream.write(new PKCS8EncodedKeySpec(keyPair.getPrivate().getEncoded()).getEncoded());
                if (newOutputStream != null) {
                    if (0 != 0) {
                        try {
                            newOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newOutputStream.close();
                    }
                }
                return path.toString();
            } finally {
            }
        } finally {
        }
    }

    public byte[] writePKToByteArray(PrivateKey privateKey) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(new PKCS8EncodedKeySpec(privateKey.getEncoded()).getEncoded());
        return byteArrayOutputStream.toByteArray();
    }

    public PrivateKey readPrivateKeyFromPKCS12(Path path, String str) {
        return readPrivateKeyFromPKCS12(Files.newInputStream(path, new OpenOption[0]), str);
    }

    public KeyStore getPkcs12KeyStore(InputStream inputStream, String str) {
        KeyStore keyStore = KeyStore.getInstance("pkcs12", "BC");
        keyStore.load(inputStream, str == null ? null : str.toCharArray());
        return keyStore;
    }

    public PrivateKey readPrivateKeyFromPKCS12(KeyStore keyStore, String str) {
        return (PrivateKey) keyStore.getKey(keyStore.aliases().nextElement(), str == null ? null : str.toCharArray());
    }

    public X509Certificate readCertificateFromPKCS12(InputStream inputStream, String str) {
        return readCertificateFromPKCS12(getPkcs12KeyStore(inputStream, str));
    }

    public X509Certificate readCertificateFromPKCS12(KeyStore keyStore) {
        Certificate[] certificateChain = keyStore.getCertificateChain(keyStore.aliases().nextElement());
        return (X509Certificate) certificateChain[certificateChain.length - 1];
    }

    public PrivateKey readPrivateKeyFromPKCS12(InputStream inputStream, String str) {
        return readPrivateKeyFromPKCS12(getPkcs12KeyStore(inputStream, str), str);
    }

    public X509Certificate readCertificateFromPKCS12(Path path, String str) {
        return readCertificateFromPKCS12(Files.newInputStream(path, new OpenOption[0]), str);
    }

    public void createPkcs12File(Path path, String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        PKCS12PfxPdu createPkcs12PfxPdu = createPkcs12PfxPdu(str, privateKey, x509CertificateArr);
        OutputStream newOutputStream = Files.newOutputStream(path, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.WRITE);
        Throwable th = null;
        try {
            newOutputStream.write(createPkcs12PfxPdu.getEncoded());
            if (newOutputStream != null) {
                if (0 != 0) {
                    try {
                        newOutputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    newOutputStream.close();
                }
            }
        } finally {
        }
    }

    public String createPkcs12FileEncoded(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        return Base64Util.getBase64EncodedString(createPkcs12PfxPdu(str, privateKey, x509CertificateArr).getEncoded());
    }

    public PKCS12PfxPdu createPkcs12PfxPdu(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("Cannot build PKCS12 without certificates");
        }
        PublicKey publicKey = x509CertificateArr[0].getPublicKey();
        JcaX509ExtensionUtils jcaX509ExtensionUtils = new JcaX509ExtensionUtils();
        PKCS12SafeBag[] pKCS12SafeBagArr = new PKCS12SafeBag[x509CertificateArr.length];
        for (int length = x509CertificateArr.length - 1; length >= 0; length--) {
            JcaPKCS12SafeBagBuilder jcaPKCS12SafeBagBuilder = new JcaPKCS12SafeBagBuilder(x509CertificateArr[length]);
            if (length == 0) {
                jcaPKCS12SafeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, jcaX509ExtensionUtils.createSubjectKeyIdentifier(publicKey));
            }
            pKCS12SafeBagArr[length] = jcaPKCS12SafeBagBuilder.build();
        }
        JcaPKCS12SafeBagBuilder jcaPKCS12SafeBagBuilder2 = new JcaPKCS12SafeBagBuilder(privateKey, new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(str.toCharArray()));
        jcaPKCS12SafeBagBuilder2.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, jcaX509ExtensionUtils.createSubjectKeyIdentifier(publicKey));
        PKCS12PfxPduBuilder pKCS12PfxPduBuilder = new PKCS12PfxPduBuilder();
        pKCS12PfxPduBuilder.addEncryptedData(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())).build(str.toCharArray()), pKCS12SafeBagArr);
        pKCS12PfxPduBuilder.addData(jcaPKCS12SafeBagBuilder2.build());
        return pKCS12PfxPduBuilder.build(new BcPKCS12MacCalculatorBuilder(), str.toCharArray());
    }

    public byte[] inputStreamToByteArray(InputStream inputStream) {
        return inputStreamToByteArray(inputStream, BUFFER_SIZE);
    }

    public byte[] inputStreamToByteArray(InputStream inputStream, int i) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[i];
        while (true) {
            int read = inputStream.read(bArr, 0, bArr.length);
            if (read == -1) {
                byteArrayOutputStream.flush();
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }
}
