package com.kinggrid.encrypt;

import com.kinggrid.commons.KGDateUtils;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import org.kg.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/kinggrid/encrypt/KGSignature.class */
public class KGSignature {
    public static final String SHA1WITHRSA = "SHA1withRSA";
    private PrivateKey a;
    private Certificate[] b;
    private Signature c;

    public KGSignature(PrivateKey privateKey, Certificate[] certificateArr) {
        this.a = privateKey;
        this.b = certificateArr;
    }

    public KGSignature(InputStream inputStream, String str, String str2) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12", "KGBC");
        keyStore.load(inputStream, str.toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        String str3 = null;
        while (this.a == null) {
            if (aliases.hasMoreElements()) {
                str3 = aliases.nextElement();
                this.a = (PrivateKey) keyStore.getKey(str3, str2.toCharArray());
            }
        }
        this.b = keyStore.getCertificateChain(str3);
    }

    public boolean verifyCertificateIsExpired() {
        Boolean bool = true;
        if (this.b != null && this.b.length > 0) {
            X509Certificate x509Certificate = (X509Certificate) this.b[0];
            bool = KGDateUtils.compareDate(new Date(), x509Certificate.getNotBefore()) >= 0 && KGDateUtils.compareDate(new Date(), x509Certificate.getNotAfter()) <= 0;
        }
        return bool.booleanValue();
    }

    public void initSign(String str) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException {
        this.c = Signature.getInstance(str, "KGBC");
        this.c.initSign(this.a);
    }

    public void update(byte[] bArr) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException {
        if (this.c == null) {
            initSign(SHA1WITHRSA);
        }
        this.c.update(bArr);
    }

    public byte[] sign() throws SignatureException {
        return this.c.sign();
    }

    public static boolean verify(Certificate certificate, byte[] bArr, byte[] bArr2, String str) {
        PublicKey publicKey = certificate.getPublicKey();
        try {
            Signature signature = Signature.getInstance(str, (Provider) new BouncyCastleProvider());
            signature.initVerify(publicKey);
            signature.update(bArr2);
            return signature.verify(bArr);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public PrivateKey getPrivateKey() {
        return this.a;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        this.a = privateKey;
    }

    public Certificate[] getChain() {
        return this.b;
    }

    public void setChain(Certificate[] certificateArr) {
        this.b = certificateArr;
    }
}
