package cn.szca.cert.bss.util;

import cn.szca.cert.bss.exception.BssException;
import cn.szca.cert.bss.exception.ExceptionConstant;
import com.alibaba.sdk.android.media.utils.RSAUtils;
import com.edao.ss.seccore.common.constants.SecError;
import com.edao.ss.seccore.common.exception.SecException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.List;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cms.CMSSignedData;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.util.Selector;

/* loaded from: classes.dex */
public class CertUtil {
    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public static KeyPair genRSAKeyPair(int i) throws BssException {
        if (i != 1024 && i != 2048) {
            throw new BssException(ExceptionConstant.ErrorCode.KEY_SIZE_INVALID, ExceptionConstant.ErrorMsg.KEY_SIZE_INVALID);
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSAUtils.KEY_ALGORITHM, "SC");
            keyPairGenerator.initialize(i);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new BssException(ExceptionConstant.ErrorCode.KEYPAIR_GENERATE_ERROR, "keypair_generate_error " + e.getMessage());
        }
    }

    public static X509Certificate getCertFromP7(byte[] bArr) throws SecException {
        try {
            X509CertificateHolder x509CertificateHolder = null;
            for (X509CertificateHolder x509CertificateHolder2 : (List) new CMSSignedData(bArr).getCertificates().getMatches((Selector) null)) {
                if (!x509CertificateHolder2.getIssuer().toString().equals(x509CertificateHolder2.getSubject().toString())) {
                    x509CertificateHolder = x509CertificateHolder2;
                }
            }
            if (x509CertificateHolder != null) {
                return new JcaX509CertificateConverter().getCertificate(x509CertificateHolder);
            }
            return null;
        } catch (Exception e) {
            throw new SecException(SecError.GET_CERT_FROM_P7, SecError.GET_CERT_FROM_P7_MSG + " :\n" + e.getMessage());
        }
    }
}
