package com.lsy.baselib.crypto.protocol;

import com.lsy.baselib.crypto.exception.TimeStampException;
import com.lsy.baselib.crypto.util.BytesUtil;
import com.lsy.baselib.crypto.util.CryptUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:com/lsy/baselib/crypto/protocol/TimeStamp.class */
public class TimeStamp {
    private static long INTERVAL_TIME = 600000;

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public static byte[] makeTimeStamp(byte[] bArr, String str, String str2, long j) throws TimeStampException {
        try {
            return makeTimeStamp(bArr, CryptUtil.generateX509Certificate(Base64.decode(str.getBytes())), CryptUtil.generatePrivateKey(Base64.decode(str2.getBytes()), "RSA"), j);
        } catch (Exception e) {
            throw new TimeStampException("无效数字证书", e);
        }
    }

    public static byte[] makeTimeStamp(byte[] bArr, String str, String str2) throws TimeStampException {
        return makeTimeStamp(bArr, str, str2, INTERVAL_TIME);
    }

    public static byte[] makeTimeStamp(byte[] bArr, X509Certificate x509Certificate, PrivateKey privateKey, long j) throws TimeStampException {
        if (privateKey == null) {
            throw new TimeStampException("无效签名私钥");
        }
        if (bArr == null) {
            bArr = "".getBytes();
        }
        String valueOf = String.valueOf(new Date().getTime());
        String valueOf2 = String.valueOf(new Date().getTime() + j);
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            try {
                CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
                cMSSignedDataGenerator.addSigner(privateKey, x509Certificate, CMSSignedDataGenerator.DIGEST_SHA1);
                cMSSignedDataGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", new CollectionCertStoreParameters(new ArrayList()), "BC"));
                byteArrayOutputStream = new ByteArrayOutputStream();
                byteArrayOutputStream.write(BytesUtil.intToBytes(bArr.length));
                byteArrayOutputStream.write(bArr);
                byteArrayOutputStream.write(BytesUtil.intToBytes(valueOf.length()));
                byteArrayOutputStream.write(valueOf.getBytes());
                byteArrayOutputStream.write(BytesUtil.intToBytes(valueOf2.length()));
                byteArrayOutputStream.write(valueOf2.getBytes());
                byte[] encoded = cMSSignedDataGenerator.generate(new CMSProcessableByteArray(byteArrayOutputStream.toByteArray()), true, "BC").getEncoded();
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Exception e) {
                    }
                }
                return encoded;
            } catch (Exception e2) {
                throw new TimeStampException("签名失败", e2);
            }
        } catch (Throwable th) {
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (Exception e3) {
                }
            }
            throw th;
        }
    }

    public static byte[] makeTimeStamp(byte[] bArr, X509Certificate x509Certificate, PrivateKey privateKey) throws TimeStampException {
        return makeTimeStamp(bArr, x509Certificate, privateKey, INTERVAL_TIME);
    }

    public static boolean verifyTimeStamp(byte[] bArr, String str, String str2) throws TimeStampException {
        try {
            return verifyTimeStamp(bArr, CryptUtil.generateX509Certificate(Base64.decode(str.getBytes())), CryptUtil.generatePrivateKey(Base64.decode(str2.getBytes()), "RSA"));
        } catch (Exception e) {
            throw new TimeStampException("无效数字证书", e);
        }
    }

    public static boolean verifyTimeStamp(byte[] bArr, X509Certificate x509Certificate, PrivateKey privateKey) throws TimeStampException {
        if (privateKey == null || x509Certificate == null) {
            throw new TimeStampException("无效签名数字证书");
        }
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                try {
                    CMSSignedData cMSSignedData = new CMSSignedData(bArr);
                    Iterator it = cMSSignedData.getSignerInfos().getSigners().iterator();
                    while (it.hasNext()) {
                        if (!((SignerInformation) it.next()).verify(x509Certificate.getPublicKey(), "BC")) {
                            throw new TimeStampException("时间戳签名无效!");
                        }
                        byteArrayInputStream = new ByteArrayInputStream((byte[]) cMSSignedData.getSignedContent().getContent());
                        byte[] bArr2 = new byte[4];
                        byteArrayInputStream.read(bArr2);
                        byteArrayInputStream.read(new byte[BytesUtil.bytesToInt(bArr2)]);
                        byteArrayInputStream.read(bArr2);
                        byteArrayInputStream.read(new byte[BytesUtil.bytesToInt(bArr2)]);
                        byteArrayInputStream.read(bArr2);
                        byte[] bArr3 = new byte[BytesUtil.bytesToInt(bArr2)];
                        byteArrayInputStream.read(bArr3);
                        if (new Date().getTime() > Long.parseLong(new String(bArr3))) {
                            throw new TimeStampException("时间戳已经过期!");
                        }
                    }
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e) {
                        }
                    }
                    return true;
                } catch (Throwable th) {
                    if (0 != 0) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e2) {
                        }
                    }
                    throw th;
                }
            } catch (Exception e3) {
                throw new TimeStampException("无效的时间戳!", e3);
            }
        } catch (TimeStampException e4) {
            throw e4;
        }
    }
}
