package cn.com.jit.mctk.process;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.asn1.DERObject;
import cn.com.jit.ida.util.pki.cert.X509Cert;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.cipher.param.P7Param;
import cn.com.jit.ida.util.pki.cipher.param.p7signInfo;
import cn.com.jit.ida.util.pki.crl.X509CRL;
import cn.com.jit.ida.util.pki.encoders.Base64;
import cn.com.jit.ida.util.pki.keystore.KeyEntry;
import cn.com.jit.ida.util.pki.pkcs.PKCS7;
import cn.com.jit.mctk.contant.MCTKConstant;
import cn.com.jit.mctk.contant.SignMessageCode;
import cn.com.jit.mctk.exception.MCTKException;
import cn.com.jit.pnxclient.BaseManager;
import cn.com.jit.pnxclient.constant.PNXConfigConstant;
import cn.com.jit.pnxclient.handler.HardCardHandler;
import cn.com.jit.pnxclient.handler.IKeyStoreHandler;
import cn.com.jit.pnxclient.handler.SoftKeyStoreHandler;
import cn.com.jit.pnxclient.pojo.CertEntry;
import cn.com.jit.pnxclient.util.FileUtil;
import java.util.List;

/* loaded from: classes.dex */
public class PKCS7SignerManager extends BaseManager {
    private static final long serialVersionUID = 7164750916287275326L;
    protected String a;
    protected String b;
    protected String c;
    private CertEntry certEntry;
    private IKeyStoreHandler softkeyStoreHandler;
    private byte[] vplaindata;

    public PKCS7SignerManager() {
        this.vplaindata = null;
        this.certEntry = null;
        this.softkeyStoreHandler = null;
        this.a = MCTKConstant.ATTACH;
        this.b = "SHA1";
    }

    public PKCS7SignerManager(String str, String str2) {
        this.vplaindata = null;
        this.certEntry = null;
        this.softkeyStoreHandler = null;
        this.a = str;
        this.b = str2;
    }

    private String convertAlg(String str) {
        if (str.equalsIgnoreCase("SHA1")) {
            return "SHA1withRSAEncryption";
        }
        if (str.equalsIgnoreCase("SHA256")) {
            return "SHA256withRSAEncryption";
        }
        if (str.equalsIgnoreCase("MD5")) {
            return "MD5withRSAEncryption";
        }
        if (str.equalsIgnoreCase(Mechanism.SM3)) {
            return "SM3withSM2Encryption";
        }
        throw new MCTKException(SignMessageCode.AF000017);
    }

    private byte[] handlePlainData(byte[] bArr, P7Param p7Param) {
        byte[] GetSource = p7Param.GetSource();
        if (GetSource != null && bArr == null) {
            return null;
        }
        if (GetSource == null && bArr != null) {
            return Base64.decode(bArr);
        }
        if (GetSource == null || bArr == null) {
            throw new MCTKException(SignMessageCode.AF000011);
        }
        throw new MCTKException(SignMessageCode.AF000010);
    }

    private byte[] signResult(KeyEntry keyEntry, byte[] bArr, IKeyStoreHandler iKeyStoreHandler) {
        if (keyEntry == null || keyEntry.equals("")) {
            throw new MCTKException(SignMessageCode.AF000004);
        }
        try {
            Session session = iKeyStoreHandler.getSession();
            X509Cert cert = keyEntry.getCert();
            PKCS7 pkcs7 = new PKCS7(session);
            X509Cert[] x509CertArr = {cert};
            P7Param[] p7ParamArr = {new P7Param()};
            if (this.b == null || this.b.equals("")) {
                throw new MCTKException(SignMessageCode.AF000014);
            }
            String convertAlg = convertAlg(this.b.trim());
            if (convertAlg.equals("SM3_SM2")) {
                pkcs7.setIsSMP7(true);
            }
            p7ParamArr[0].SetSignParam(keyEntry.getKey(), new Mechanism(convertAlg), x509CertArr, (X509CRL[]) null, (DERObject[]) null, (DERObject[]) null);
            byte[] encode = Base64.encode(bArr);
            try {
                return this.a.equalsIgnoreCase(MCTKConstant.ATTACH) ? pkcs7.genP7_Sign(Base64.decode(encode), p7ParamArr, true) : pkcs7.genP7_Sign(Base64.decode(encode), p7ParamArr, false);
            } catch (PKIException e) {
                throw new MCTKException(SignMessageCode.AF000006, e);
            }
        } catch (PKIException unused) {
            throw new MCTKException(SignMessageCode.AF000005);
        }
    }

    private byte[] signResult(KeyEntry keyEntry, byte[] bArr, IKeyStoreHandler iKeyStoreHandler, boolean z, boolean z2) {
        if (keyEntry == null || keyEntry.equals("")) {
            throw new MCTKException(SignMessageCode.AF000004);
        }
        try {
            Session session = iKeyStoreHandler.getSession();
            X509Cert cert = keyEntry.getCert();
            PKCS7 pkcs7 = new PKCS7(session);
            X509Cert[] x509CertArr = {cert};
            P7Param[] p7ParamArr = {new P7Param()};
            if (this.b == null || this.b.equals("")) {
                throw new MCTKException(SignMessageCode.AF000014);
            }
            String convertAlg = convertAlg(this.b.trim());
            if (convertAlg.equals("SM3_SM2")) {
                pkcs7.setIsSMP7(true);
            }
            p7ParamArr[0].SetSignParam(keyEntry.getKey(), new Mechanism(convertAlg), x509CertArr, (X509CRL[]) null, (DERObject[]) null, (DERObject[]) null);
            byte[] encode = Base64.encode(bArr);
            try {
                return this.a.equalsIgnoreCase(MCTKConstant.ATTACH) ? pkcs7.genP7_Sign(Base64.decode(encode), p7ParamArr, true, z, z2) : pkcs7.genP7_Sign(Base64.decode(encode), p7ParamArr, false, z, z2);
            } catch (PKIException e) {
                throw new MCTKException(SignMessageCode.AF000006, e);
            }
        } catch (PKIException unused) {
            throw new MCTKException(SignMessageCode.AF000005);
        }
    }

    private boolean verifyP7Signatures(byte[] bArr, p7signInfo[] p7signinfoArr, PKCS7 pkcs7, P7Param p7Param) {
        boolean z = false;
        for (int i = 0; i < p7signinfoArr.length; i++) {
            try {
                z = pkcs7.verifyP7Sign(p7Param.GetSignInfos()[i], bArr, null);
                if (z) {
                    X509Cert x509Cert = p7Param.GetCerts()[0];
                    this.certEntry = new CertEntry();
                    this.certEntry.setIssuer(x509Cert.getIssuer());
                    PNXConfigConstant.CERT_SERIALNUM_P7 = x509Cert.getStringSerialNumber();
                    this.certEntry.setStringSerialNumber(x509Cert.getStringSerialNumber());
                    this.certEntry.setSubject(x509Cert.getSubject());
                    this.certEntry.setNotBefore(x509Cert.getNotBefore());
                    this.certEntry.setNotAfter(x509Cert.getNotAfter());
                    if (bArr == null) {
                        this.vplaindata = p7Param.GetSource();
                    } else {
                        this.vplaindata = bArr;
                    }
                }
                if (!z) {
                    throw new MCTKException(SignMessageCode.AF000009);
                }
            } catch (PKIException unused) {
                throw new MCTKException(SignMessageCode.AF000009);
            }
        }
        return z;
    }

    private boolean verifyP7Signatures(byte[] bArr, p7signInfo[] p7signinfoArr, PKCS7 pkcs7, P7Param p7Param, byte[] bArr2) {
        int i = 0;
        boolean z = false;
        while (i < p7signinfoArr.length) {
            try {
                X509Cert x509Cert = new X509Cert(bArr2);
                boolean verifyP7Sign = pkcs7.verifyP7Sign(p7Param.GetSignInfos()[i], bArr, new X509Cert[]{x509Cert});
                if (verifyP7Sign) {
                    this.certEntry = new CertEntry();
                    this.certEntry.setIssuer(x509Cert.getIssuer());
                    PNXConfigConstant.CERT_SERIALNUM_P7 = x509Cert.getStringSerialNumber();
                    this.certEntry.setStringSerialNumber(x509Cert.getStringSerialNumber());
                    this.certEntry.setSubject(x509Cert.getSubject());
                    this.certEntry.setNotBefore(x509Cert.getNotBefore());
                    this.certEntry.setNotAfter(x509Cert.getNotAfter());
                    if (bArr == null) {
                        this.vplaindata = p7Param.GetSource();
                    } else {
                        this.vplaindata = bArr;
                    }
                }
                if (!verifyP7Sign) {
                    throw new MCTKException(SignMessageCode.AF000009);
                }
                i++;
                z = verifyP7Sign;
            } catch (PKIException unused) {
                throw new MCTKException(SignMessageCode.AF000009);
            }
        }
        return z;
    }

    public CertEntry getCertEntry() {
        return this.certEntry;
    }

    public byte[] getDataFromVerifyP7(byte[] bArr) {
        if (this.d instanceof HardCardHandler) {
            try {
                this.softkeyStoreHandler = new SoftKeyStoreHandler();
                this.softkeyStoreHandler.initialize();
            } catch (Exception unused) {
                throw new MCTKException(SignMessageCode.AF000020);
            }
        } else {
            this.softkeyStoreHandler = this.d;
        }
        try {
            Session session = this.softkeyStoreHandler.getSession();
            if (bArr == null) {
                throw new MCTKException(SignMessageCode.AF000015);
            }
            PKCS7 pkcs7 = new PKCS7(session);
            try {
                pkcs7.load(Base64.encode(bArr));
                try {
                    return pkcs7.GetP7Cnt().GetSource();
                } catch (PKIException e) {
                    throw new MCTKException(SignMessageCode.AF000007, e);
                }
            } catch (Exception e2) {
                throw new MCTKException(SignMessageCode.AF000007, e2);
            }
        } catch (PKIException unused2) {
            throw new MCTKException(SignMessageCode.AF000005);
        }
    }

    public byte[] getPlainDta() {
        return this.vplaindata;
    }

    public byte[] sign(byte[] bArr) {
        if (bArr == null) {
            throw new MCTKException(SignMessageCode.AF000013);
        }
        if (this.c == null || this.c.equals("")) {
            this.c = MCTKConstant.CERT_PWD;
        }
        try {
            List<KeyEntry> keyEntryList = this.d.getKeyEntryList();
            if (keyEntryList.isEmpty()) {
                throw new MCTKException(SignMessageCode.AF000004);
            }
            return signResult(this.d.getKeyEntry(keyEntryList.get(0).getAilas(), this.c), bArr, this.d);
        } catch (Exception unused) {
            throw new MCTKException(SignMessageCode.AF000004);
        }
    }

    public byte[] sign(byte[] bArr, String str) {
        if (bArr == null) {
            throw new MCTKException(SignMessageCode.AF000013);
        }
        if (this.c == null || this.c.equals("")) {
            this.c = MCTKConstant.CERT_PWD;
        }
        try {
            String buildFilePathByChdir = FileUtil.buildFilePathByChdir(str, PNXConfigConstant.P12_POSTFIX);
            return signResult(FileUtil.isFileExist(buildFilePathByChdir) ? FileUtil.loadSM2KeyEntry(this.c, buildFilePathByChdir, this.e, this.f) : FileUtil.isSm2SplitFileExists(str) ? FileUtil.loadSM2SplitFile(str, this.c, this.e, this.f) : this.d.getKeyEntry(str, this.c), bArr, this.d);
        } catch (Exception unused) {
            throw new MCTKException(SignMessageCode.AF000019);
        }
    }

    public byte[] sign(byte[] bArr, String str, boolean z, boolean z2) {
        if (bArr == null) {
            throw new MCTKException(SignMessageCode.AF000013);
        }
        if (this.c == null || this.c.equals("")) {
            this.c = MCTKConstant.CERT_PWD;
        }
        try {
            String buildFilePathByChdir = FileUtil.buildFilePathByChdir(str, PNXConfigConstant.P12_POSTFIX);
            return signResult(FileUtil.isFileExist(buildFilePathByChdir) ? FileUtil.loadSM2KeyEntry(this.c, buildFilePathByChdir, this.e, this.f) : FileUtil.isSm2SplitFileExists(str) ? FileUtil.loadSM2SplitFile(str, this.c, this.e, this.f) : this.d.getKeyEntry(str, this.c), bArr, this.d, z, z2);
        } catch (Exception unused) {
            throw new MCTKException(SignMessageCode.AF000019);
        }
    }

    public boolean verify(byte[] bArr, byte[] bArr2) {
        if (this.d instanceof HardCardHandler) {
            try {
                this.softkeyStoreHandler = new SoftKeyStoreHandler();
                this.softkeyStoreHandler.initialize();
            } catch (Exception unused) {
                throw new MCTKException(SignMessageCode.AF000020);
            }
        } else {
            this.softkeyStoreHandler = this.d;
        }
        try {
            Session session = this.softkeyStoreHandler.getSession();
            if (bArr == null) {
                throw new MCTKException(SignMessageCode.AF000015);
            }
            PKCS7 pkcs7 = new PKCS7(session);
            try {
                pkcs7.load(Base64.encode(bArr));
                try {
                    P7Param GetP7Cnt = pkcs7.GetP7Cnt();
                    pkcs7.setSession(session);
                    p7signInfo[] GetSignInfos = GetP7Cnt.GetSignInfos();
                    if (bArr2 != null) {
                        bArr2 = Base64.encode(bArr2);
                    }
                    return verifyP7Signatures(handlePlainData(bArr2, GetP7Cnt), GetSignInfos, pkcs7, GetP7Cnt);
                } catch (PKIException e) {
                    throw new MCTKException(SignMessageCode.AF000007, e);
                }
            } catch (Exception e2) {
                throw new MCTKException(SignMessageCode.AF000007, e2);
            }
        } catch (PKIException unused2) {
            throw new MCTKException(SignMessageCode.AF000005);
        }
    }

    public boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        if (this.d instanceof HardCardHandler) {
            try {
                this.softkeyStoreHandler = new SoftKeyStoreHandler();
                this.softkeyStoreHandler.initialize();
            } catch (Exception unused) {
                throw new MCTKException(SignMessageCode.AF000020);
            }
        } else {
            this.softkeyStoreHandler = this.d;
        }
        try {
            Session session = this.softkeyStoreHandler.getSession();
            if (bArr == null) {
                throw new MCTKException(SignMessageCode.AF000015);
            }
            PKCS7 pkcs7 = new PKCS7(session);
            try {
                pkcs7.load(Base64.encode(bArr));
                try {
                    P7Param GetP7Cnt = pkcs7.GetP7Cnt();
                    pkcs7.setSession(session);
                    p7signInfo[] GetSignInfos = GetP7Cnt.GetSignInfos();
                    if (bArr2 != null) {
                        bArr2 = Base64.encode(bArr2);
                    }
                    return verifyP7Signatures(handlePlainData(bArr2, GetP7Cnt), GetSignInfos, pkcs7, GetP7Cnt, bArr3);
                } catch (PKIException e) {
                    throw new MCTKException(SignMessageCode.AF000007, e);
                }
            } catch (Exception e2) {
                throw new MCTKException(SignMessageCode.AF000007, e2);
            }
        } catch (PKIException unused2) {
            throw new MCTKException(SignMessageCode.AF000005);
        }
    }
}
