package com.wangyin.aks.security.api.util;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Iterator;
import javax.xml.bind.DatatypeConverter;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.RecipientInformationStore;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;

/* loaded from: input_file:com/wangyin/aks/security/api/util/EnvelopUtil.class */
public class EnvelopUtil extends BCBase {
    public static String encryptEnvelop(byte[] bArr, String str) throws Exception {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(DatatypeConverter.parseBase64Binary(str)));
            CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(bArr);
            CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
            cMSEnvelopedDataGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(x509Certificate).setProvider("BC"));
            ContentInfo aSN1Structure = cMSEnvelopedDataGenerator.generate(cMSProcessableByteArray, new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build()).toASN1Structure();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new DEROutputStream(byteArrayOutputStream).writeObject(aSN1Structure);
            return DatatypeConverter.printBase64Binary(byteArrayOutputStream.toByteArray());
        } catch (Exception e) {
            e.printStackTrace();
            throw e;
        }
    }

    public static byte[] decryptEnvelop(String str, String str2) throws Exception {
        return decryptEnvelop(str, DatatypeConverter.parseBase64Binary(str2));
    }

    public static byte[] decryptEnvelop(String str, byte[] bArr) throws Exception {
        byte[] bArr2 = null;
        try {
            RecipientInformationStore recipientInfos = new CMSEnvelopedData(DatatypeConverter.parseBase64Binary(str)).getRecipientInfos();
            PrivateKey generatePrivate = KeyFactory.getInstance(RSAUtil.KEY_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(bArr));
            if (recipientInfos != null) {
                Iterator it = recipientInfos.getRecipients().iterator();
                while (it.hasNext()) {
                    bArr2 = ((RecipientInformation) it.next()).getContent(new JceKeyTransEnvelopedRecipient(generatePrivate).setProvider("BC"));
                }
            }
            return bArr2;
        } catch (CMSException e) {
            e.printStackTrace();
            throw e;
        }
    }
}
