package com.koalii.kgsp.core.cert;

import com.koalii.kgsp.bc.asn1.pkcs.RSAPublicKey;
import com.koalii.kgsp.bc.asn1.x509.SubjectPublicKeyInfo;
import com.koalii.kgsp.bc.cert.X509CertificateHolder;
import com.koalii.kgsp.bc.crypto.params.RSAKeyParameters;
import com.koalii.kgsp.bc.jcajce.provider.asymmetric.rsa.KeyFactorySpi;
import com.koalii.kgsp.bc.jcajce.provider.asymmetric.rsa.RSAUtil;
import com.koalii.kgsp.bc.operator.DefaultDigestAlgorithmIdentifierFinder;
import com.koalii.kgsp.bc.operator.bc.BcRSAContentVerifierProviderBuilder;
import com.koalii.kgsp.core.exception.KcErrors;
import com.koalii.kgsp.core.exception.KcException;
import java.security.PublicKey;

/* loaded from: input_file:com/koalii/kgsp/core/cert/KcRSACertStore.class */
public class KcRSACertStore extends KcCertStoreImpl {
    public static final String keyAlgName = "RSA";

    public KcRSACertStore() {
    }

    public KcRSACertStore(X509CertificateHolder x509CertificateHolder) throws KcException {
        setCert(x509CertificateHolder);
    }

    @Override // com.koalii.kgsp.core.cert.KcCertStore
    public void setCert(X509CertificateHolder x509CertificateHolder) throws KcException {
        this.cert = x509CertificateHolder;
        this.publicKey = parseRsaPublicKey(x509CertificateHolder);
    }

    @Override // com.koalii.kgsp.core.cert.KcCertStore
    public PublicKey getJcaPublicKey() throws KcException {
        try {
            return new KeyFactorySpi().generatePublic(this.cert.getSubjectPublicKeyInfo());
        } catch (Exception e) {
            throw new KcException(KcErrors.ERROR_CORE_PUBLIC_KEY_PARSE, e);
        }
    }

    @Override // com.koalii.kgsp.core.cert.KcCertStore
    public boolean isIssuerOf(X509CertificateHolder x509CertificateHolder) {
        try {
            return x509CertificateHolder.isSignatureValid(new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(getCert()));
        } catch (Exception e) {
            return false;
        }
    }

    @Override // com.koalii.kgsp.core.cert.KcCertStore
    public String getKeyAlgName() {
        return keyAlgName;
    }

    @Override // com.koalii.kgsp.core.cert.KcCertStore
    public int getKeyBitLength() throws KcException {
        if (null == this.publicKey) {
            throw new KcException(KcErrors.ERROR_CORE_PUBLIC_KEY_EMPTY);
        }
        return ((RSAKeyParameters) this.publicKey).getModulus().bitLength();
    }

    public static boolean isRsaCert(X509CertificateHolder x509CertificateHolder) {
        return isRsaKey(x509CertificateHolder.getSubjectPublicKeyInfo());
    }

    public static boolean isRsaKey(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        return RSAUtil.isRsaOid(subjectPublicKeyInfo.getAlgorithm().getAlgorithm());
    }

    public static RSAKeyParameters parseRsaPublicKey(X509CertificateHolder x509CertificateHolder) throws KcException {
        if (isRsaCert(x509CertificateHolder)) {
            return parseRsaPublicKey(x509CertificateHolder.getSubjectPublicKeyInfo());
        }
        throw new KcException(KcErrors.ERROR_CORE_CERT_KEY_ALG);
    }

    public static RSAKeyParameters parseRsaPublicKey(SubjectPublicKeyInfo subjectPublicKeyInfo) throws KcException {
        if (!isRsaKey(subjectPublicKeyInfo)) {
            throw new KcException(KcErrors.ERROR_CORE_PRIVATE_KEY_ALG, "parse rsa private key failed");
        }
        try {
            RSAPublicKey rSAPublicKey = RSAPublicKey.getInstance(subjectPublicKeyInfo.parsePublicKey());
            return new RSAKeyParameters(false, rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
        } catch (Exception e) {
            throw new KcException(KcErrors.ERROR_CORE_PUBLIC_KEY_PARSE, e);
        }
    }
}
