package com.huawei.secure.android.common.encrypt.rsa; import android.os.Build; import android.text.TextUtils; import android.util.Base64; import com.huawei.secure.android.common.encrypt.utils.EncryptUtil; import com.huawei.secure.android.common.encrypt.utils.b; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.MGF1ParameterSpec; import java.security.spec.PSSParameterSpec; public abstract class RSASign { private static final String a = "SHA256WithRSA"; private static final String b = "SHA256WithRSA/PSS"; private static final String c = "RSASign"; private static final String d = "UTF-8"; private static final String e = ""; private static String a(String str, String str2, boolean z) { if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) { b.b(c, "sign content or key is null"); return ""; } PrivateKey privateKey = EncryptUtil.getPrivateKey(str2); if (z) { return newSign(str, privateKey); } return sign(str, privateKey); } public static boolean isBuildVersionHigherThan23() { return Build.VERSION.SDK_INT > 23; } public static String newSign(String str, String str2) { if (isBuildVersionHigherThan23()) { return a(str, str2, true); } b.b(c, "sdk version is too low"); return ""; } public static boolean newVerifySign(String str, String str2, String str3) { if (isBuildVersionHigherThan23()) { return a(str, str2, str3, true); } b.b(c, "sdk version is too low"); return false; } @Deprecated public static String sign(String str, String str2) { return a(str, str2, false); } @Deprecated public static boolean verifySign(String str, String str2, String str3) { return a(str, str2, str3, false); } @Deprecated public static String sign(String str, PrivateKey privateKey) { return a(str, privateKey, false); } @Deprecated public static boolean verifySign(String str, String str2, PublicKey publicKey) { return a(str, str2, publicKey, false); } public static boolean verifySign(byte[] bArr, byte[] bArr2, PublicKey publicKey, boolean z) { Signature signature; if (bArr == null || publicKey == null || bArr2 == null || !RSAEncrypt.isPublicKeyLengthRight((RSAPublicKey) publicKey)) { b.b(c, "content or publicKey is null , or length is too short"); return false; } if (z) { try { signature = Signature.getInstance(b); signature.setParameter(new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1)); } catch (GeneralSecurityException e2) { String str = c; b.b(str, "check sign exception: " + e2.getMessage()); return false; } catch (Exception e3) { String str2 = c; b.b(str2, "exception : " + e3.getMessage()); return false; } } else { signature = Signature.getInstance(a); } signature.initVerify(publicKey); signature.update(bArr); return signature.verify(bArr2); } public static byte[] sign(byte[] bArr, PrivateKey privateKey, boolean z) { Signature signature; byte[] bArr2 = new byte[0]; if (bArr == null || privateKey == null || !RSAEncrypt.isPrivateKeyLengthRight((RSAPrivateKey) privateKey)) { b.b(c, "content or privateKey is null , or length is too short"); return bArr2; } if (z) { try { signature = Signature.getInstance(b); signature.setParameter(new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1)); } catch (NoSuchAlgorithmException e2) { String str = c; b.b(str, "sign NoSuchAlgorithmException: " + e2.getMessage()); return bArr2; } catch (InvalidKeyException e3) { String str2 = c; b.b(str2, "sign InvalidKeyException: " + e3.getMessage()); return bArr2; } catch (SignatureException e4) { String str3 = c; b.b(str3, "sign SignatureException: " + e4.getMessage()); return bArr2; } catch (InvalidAlgorithmParameterException e5) { String str4 = c; b.b(str4, "sign InvalidAlgorithmParameterException: " + e5.getMessage()); return bArr2; } catch (Exception e6) { String str5 = c; b.b(str5, "sign Exception: " + e6.getMessage()); return bArr2; } } else { signature = Signature.getInstance(a); } signature.initSign(privateKey); signature.update(bArr); return signature.sign(); } public static String newSign(String str, PrivateKey privateKey) { if (isBuildVersionHigherThan23()) { return a(str, privateKey, true); } b.b(c, "sdk version is too low"); return ""; } public static boolean newVerifySign(String str, String str2, PublicKey publicKey) { if (isBuildVersionHigherThan23()) { return a(str, str2, publicKey, true); } b.b(c, "sdk version is too low"); return false; } private static String a(String str, PrivateKey privateKey, boolean z) { try { return Base64.encodeToString(sign(str.getBytes(d), privateKey, z), 0); } catch (UnsupportedEncodingException e2) { String str2 = c; b.b(str2, "sign UnsupportedEncodingException: " + e2.getMessage()); return ""; } } private static boolean a(String str, String str2, String str3, boolean z) { if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str2)) { b.b(c, "content or public key or sign value is null"); return false; } RSAPublicKey publicKey = EncryptUtil.getPublicKey(str3); if (z) { return newVerifySign(str, str2, publicKey); } return verifySign(str, str2, publicKey); } private static boolean a(String str, String str2, PublicKey publicKey, boolean z) { try { return verifySign(str.getBytes(d), Base64.decode(str2, 0), publicKey, z); } catch (UnsupportedEncodingException e2) { String str3 = c; b.b(str3, "verifySign UnsupportedEncodingException: " + e2.getMessage()); return false; } catch (Exception e3) { String str4 = c; b.b(str4, "base64 decode Exception : " + e3.getMessage()); return false; } } }