package cn.com.infosec.netsign.base.processors;

import cn.com.infosec.isfw2.sfw.Request;
import cn.com.infosec.isfw2.sfw.Response;
import cn.com.infosec.netsign.base.AbstractMessage;
import cn.com.infosec.netsign.base.ErrorInfoRes;
import cn.com.infosec.netsign.base.NSMessage;
import cn.com.infosec.netsign.base.channels.ServerChannel;
import cn.com.infosec.netsign.base.processors.util.ProcessUtil;
import cn.com.infosec.netsign.base.util.ServerKeyStore;
import cn.com.infosec.netsign.base.util.Utils;
import cn.com.infosec.netsign.crypto.algorithm.DigestAlgorithm;
import cn.com.infosec.netsign.crypto.util.AlgorithmUtil;
import cn.com.infosec.netsign.crypto.util.Base64;
import cn.com.infosec.netsign.crypto.util.SoftCryptoImpl;
import cn.com.infosec.netsign.frame.config.ExtendedConfig;
import cn.com.infosec.netsign.isfwimpl.NetSignProcessor;
import cn.com.infosec.netsign.isfwimpl.NetSignRequest;
import cn.com.infosec.netsign.isfwimpl.NetSignResponse;
import cn.com.infosec.netsign.manager.CryptoManager;
import cn.com.infosec.oscca.SDFJNI;
import java.security.NoSuchAlgorithmException;

/* loaded from: input_file:cn/com/infosec/netsign/base/processors/CPICRAWSignProcessor.class */
public class CPICRAWSignProcessor implements NetSignProcessor {
    private ServerChannel channel;

    public CPICRAWSignProcessor() {
    }

    public CPICRAWSignProcessor(ServerChannel serverChannel) {
        this.channel = serverChannel;
    }

    @Override // cn.com.infosec.netsign.isfwimpl.NetSignProcessor
    public void setChannel(ServerChannel serverChannel) {
        if (this.channel != serverChannel) {
            this.channel = serverChannel;
        }
    }

    private static byte[] generateSignMsg(byte[] bArr, ServerKeyStore serverKeyStore, String str, AbstractMessage abstractMessage, boolean z, String str2) {
        byte[] bArr2 = (byte[]) null;
        if (serverKeyStore == null) {
            abstractMessage.setResult(-100204);
            abstractMessage.setErrMsg(ErrorInfoRes.getErrorInfo(-100204));
            return bArr2;
        }
        if (z) {
            try {
                if (str.startsWith("1.2.156.197.1.401") || str.startsWith("SM3")) {
                    bArr2 = SDFJNI.SM2SignWithExternalKey(bArr, str, serverKeyStore.getPrivateKey().getD(), serverKeyStore.getPublicKey(), Utils.getOSCCApucID(2, null));
                } else {
                    DigestAlgorithm digestAlgByName = AlgorithmUtil.getDigestAlgByName(str);
                    if (digestAlgByName == null) {
                        throw new NoSuchAlgorithmException(new StringBuffer("The DigestAlgorithm ").append(str).append(" Can not been Supported").toString());
                    }
                    bArr2 = CryptoManager.getHardCryptoImpl().SignWithAlg(serverKeyStore.getLabel(), bArr, digestAlgByName.getValue());
                }
            } catch (Exception e) {
                ProcessUtil.throwDetailException(e, abstractMessage);
            }
        } else {
            try {
                if (str.startsWith("1.2.156.197.1.401") || str.startsWith("SM3")) {
                    bArr2 = SDFJNI.SM2SignWithExternalKey(bArr, str, serverKeyStore.getPrivateKey().getD(), serverKeyStore.getPublicKey(), Utils.getOSCCApucID(2, null));
                } else {
                    if (AlgorithmUtil.getDigestAlgByName(str) == null) {
                        throw new NoSuchAlgorithmException(new StringBuffer("The DigestAlgorithm ").append(str).append(" Can not been Supported").toString());
                    }
                    bArr2 = SoftCryptoImpl.sign(serverKeyStore.getPrivateKey(), bArr, str, str2);
                }
            } catch (Exception e2) {
                ProcessUtil.throwDetailException(e2, abstractMessage);
            }
        }
        return bArr2;
    }

    public Response process(Request request) {
        NetSignRequest netSignRequest = (NetSignRequest) request;
        NSMessage nSMessage = netSignRequest.getNSMessage();
        String stringBuffer = new StringBuffer(String.valueOf(this.channel.getId())).append(" ").append(nSMessage.getAddress()).append(" CPICRAWSign failed:").toString();
        NSMessage createNSMessage = ProcessUtil.createNSMessage(nSMessage);
        byte[] plainText = nSMessage.getPlainText();
        if (plainText == null || plainText.length == 0) {
            createNSMessage.setResult(ErrorInfoRes.NULL_MSG_CONTENT_ERROR);
            createNSMessage.setErrMsg(ErrorInfoRes.getErrorInfo(ErrorInfoRes.NULL_MSG_CONTENT_ERROR));
            ProcessUtil.log(this.channel.getDebugLogger(), this.channel.getId(), nSMessage, createNSMessage);
            ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(stringBuffer)).append(createNSMessage.getResult()).toString(), this.channel.getLogLevel());
            return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
        }
        String signCertDN = nSMessage.getSignCertDN();
        ServerKeyStore signKeyStore = this.channel.getSignKeyStore(signCertDN);
        if (signKeyStore == null) {
            createNSMessage.setResult(-100204);
            createNSMessage.setErrMsg(new StringBuffer("CPICRAWSignProcessor Can not find signcert by ").append(signCertDN).toString());
            ProcessUtil.log(this.channel.getDebugLogger(), this.channel.getId(), nSMessage, createNSMessage);
            ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(stringBuffer)).append(createNSMessage.getResult()).toString(), this.channel.getLogLevel());
            return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
        }
        byte[] generateSignMsg = generateSignMsg(plainText, this.channel.getSignKeyStore(signCertDN), ProcessUtil.getDigestAlgoritim(nSMessage, this.channel, signKeyStore), createNSMessage, this.channel.isUsedHardware(), ExtendedConfig.getSignProvider());
        if (createNSMessage.getResult() < 0) {
            ProcessUtil.log(this.channel.getDebugLogger(), this.channel.getId(), nSMessage, createNSMessage);
            ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(stringBuffer)).append(createNSMessage.getResult()).toString(), this.channel.getLogLevel());
            return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
        }
        String lowerCase = signKeyStore.getSerialNumber().toLowerCase();
        String stringBuffer2 = lowerCase.length() % 2 == 0 ? lowerCase : new StringBuffer("0").append(lowerCase).toString();
        StringBuilder sb = new StringBuilder();
        sb.append(Base64.encode(generateSignMsg)).append("#");
        byte[] bArr = new byte[stringBuffer2.length() + 1 + plainText.length];
        System.arraycopy(stringBuffer2.getBytes(), 0, bArr, 0, stringBuffer2.length());
        bArr[stringBuffer2.length()] = 35;
        System.arraycopy(plainText, 0, bArr, stringBuffer2.length() + 1, plainText.length);
        sb.append(Base64.encode(bArr));
        createNSMessage.setCryptoText(sb.toString().getBytes());
        ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(this.channel.getId())).append(" ").append(nSMessage.getAddress()).append(" CPICRAWSign success").toString(), this.channel.getLogLevel());
        return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
    }
}
