package cn.com.jit.mctk.process;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.cert.X509Cert;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.keystore.KeyEntry;
import cn.com.jit.mctk.contant.MCTKConstant;
import cn.com.jit.mctk.contant.SignMessageCode;
import cn.com.jit.mctk.exception.MCTKException;
import cn.com.jit.pnxclient.BaseManager;
import cn.com.jit.pnxclient.handler.HardCardHandler;
import cn.com.jit.pnxclient.handler.IKeyStoreHandler;
import cn.com.jit.pnxclient.handler.SoftKeyStoreHandler;
import cn.com.jit.pnxclient.pojo.CertEntry;
import java.util.List;

/* loaded from: classes.dex */
public class PKCS1SignerManager extends BaseManager {
    private static final long serialVersionUID = 2789722242009262725L;
    private CertEntry certEntry;
    protected String certPwd;
    protected String digestAlg;
    private IKeyStoreHandler softkeyStoreHandler;

    public PKCS1SignerManager() {
        this.certEntry = null;
        this.softkeyStoreHandler = null;
        this.digestAlg = "SHA1";
    }

    public PKCS1SignerManager(String str) {
        this.certEntry = null;
        this.softkeyStoreHandler = null;
        this.digestAlg = str;
    }

    private String convertAlg(String str) throws MCTKException {
        if (str.equalsIgnoreCase("SHA1")) {
            return "SHA1withRSAEncryption";
        }
        if (str.equalsIgnoreCase("SHA256")) {
            return "SHA256withRSAEncryption";
        }
        if (str.equalsIgnoreCase("MD5")) {
            return "MD5withRSAEncryption";
        }
        throw new MCTKException(SignMessageCode.AF000017);
    }

    private byte[] signResult(KeyEntry keyEntry, byte[] bArr) throws MCTKException {
        if (keyEntry == null || keyEntry.equals("")) {
            throw new MCTKException(SignMessageCode.AF000019);
        }
        try {
            Session session = this.keyStoreHandler.getSession();
            if (this.digestAlg == null || this.digestAlg.equals("")) {
                throw new MCTKException(SignMessageCode.AF000014);
            }
            try {
                return session.sign(new Mechanism(convertAlg(this.digestAlg)), keyEntry.getKey(), bArr);
            } catch (PKIException e) {
                throw new MCTKException(SignMessageCode.AF000012, e);
            }
        } catch (PKIException unused) {
            throw new MCTKException(SignMessageCode.AF000005);
        }
    }

    public CertEntry getCertEntry() {
        return this.certEntry;
    }

    public void setDigestAlg(String str) {
        this.digestAlg = str;
    }

    public byte[] sign(byte[] bArr) throws MCTKException {
        if (bArr == null) {
            throw new MCTKException(SignMessageCode.AF000013);
        }
        if (this.certPwd == null || this.certPwd.equals("")) {
            this.certPwd = MCTKConstant.CERT_PWD;
        }
        try {
            List<KeyEntry> keyEntryList = this.keyStoreHandler.getKeyEntryList();
            if (keyEntryList.isEmpty()) {
                throw new MCTKException(SignMessageCode.AF000004);
            }
            return signResult(this.keyStoreHandler.getKeyEntry(keyEntryList.get(0).getAilas(), this.certPwd), bArr);
        } catch (Exception unused) {
            throw new MCTKException(SignMessageCode.AF000019);
        }
    }

    public byte[] sign(byte[] bArr, String str) throws MCTKException {
        if (bArr == null) {
            throw new MCTKException(SignMessageCode.AF000013);
        }
        if (this.certPwd == null || this.certPwd.equals("")) {
            this.certPwd = MCTKConstant.CERT_PWD;
        }
        try {
            KeyEntry keyEntry = this.keyStoreHandler.getKeyEntry(str, this.certPwd);
            if (keyEntry == null || keyEntry.equals("")) {
                throw new MCTKException(SignMessageCode.AF000004);
            }
            return signResult(keyEntry, bArr);
        } catch (Exception unused) {
            throw new MCTKException(SignMessageCode.AF000019);
        }
    }

    public boolean verify(byte[] bArr, byte[] bArr2, String str) throws MCTKException {
        if (bArr == null) {
            throw new MCTKException(SignMessageCode.AF000013);
        }
        if (this.certPwd == null || this.certPwd.equals("")) {
            this.certPwd = MCTKConstant.CERT_PWD;
        }
        try {
            KeyEntry keyEntry = this.keyStoreHandler.getKeyEntry(str, this.certPwd);
            if (keyEntry == null || keyEntry.equals("")) {
                throw new MCTKException(SignMessageCode.AF000004);
            }
            if (this.keyStoreHandler instanceof HardCardHandler) {
                try {
                    this.softkeyStoreHandler = new SoftKeyStoreHandler();
                    this.softkeyStoreHandler.initialize();
                } catch (Exception unused) {
                    throw new MCTKException(SignMessageCode.AF000020);
                }
            } else {
                this.softkeyStoreHandler = this.keyStoreHandler;
            }
            try {
                Session session = this.softkeyStoreHandler.getSession();
                if (this.digestAlg == null || this.digestAlg.equals("")) {
                    throw new MCTKException(SignMessageCode.AF000014);
                }
                String convertAlg = convertAlg(this.digestAlg.trim());
                X509Cert cert = keyEntry.getCert();
                try {
                    boolean verifySign = session.verifySign(new Mechanism(convertAlg), cert.getPublicKey(), bArr, bArr2);
                    if (verifySign) {
                        this.certEntry = new CertEntry();
                        this.certEntry.setIssuer(cert.getIssuer());
                        this.certEntry.setStringSerialNumber(cert.getStringSerialNumber());
                        this.certEntry.setSubject(cert.getSubject());
                        this.certEntry.setNotBefore(cert.getNotBefore());
                        this.certEntry.setNotAfter(cert.getNotAfter());
                    }
                    if (verifySign) {
                        return verifySign;
                    }
                    throw new MCTKException(SignMessageCode.AF000016);
                } catch (PKIException e) {
                    throw new MCTKException(SignMessageCode.AF000016, e);
                }
            } catch (PKIException unused2) {
                throw new MCTKException(SignMessageCode.AF000005);
            }
        } catch (Exception unused3) {
            throw new MCTKException(SignMessageCode.AF000019);
        }
    }
}
