package cn.com.infosec.netsign.base.processors;

import cn.com.infosec.isfw2.sfw.Request;
import cn.com.infosec.isfw2.sfw.Response;
import cn.com.infosec.netsign.base.AbstractMessage;
import cn.com.infosec.netsign.base.ErrorInfoRes;
import cn.com.infosec.netsign.base.NSMessage;
import cn.com.infosec.netsign.base.channels.ServerChannel;
import cn.com.infosec.netsign.base.processors.util.ProcessUtil;
import cn.com.infosec.netsign.base.util.ServerKeyStore;
import cn.com.infosec.netsign.base.util.Utils;
import cn.com.infosec.netsign.crypto.algorithm.DigestAlgorithm;
import cn.com.infosec.netsign.crypto.util.AlgorithmUtil;
import cn.com.infosec.netsign.crypto.util.SoftCryptoImpl;
import cn.com.infosec.netsign.frame.config.ExtendedConfig;
import cn.com.infosec.netsign.isfwimpl.NetSignProcessor;
import cn.com.infosec.netsign.isfwimpl.NetSignRequest;
import cn.com.infosec.netsign.isfwimpl.NetSignResponse;
import cn.com.infosec.netsign.manager.CryptoManager;
import cn.com.infosec.netsign.resources.rawcert.PBCRAWCert;
import cn.com.infosec.netsign.resources.rawcert.PBCRAWCertResourceList;
import cn.com.infosec.oscca.SDFJNI;
import cn.com.infosec.oscca.sm2.SM2PrivateKey;
import java.security.NoSuchAlgorithmException;

/* loaded from: input_file:cn/com/infosec/netsign/base/processors/RAWSignProcessor.class */
public class RAWSignProcessor implements NetSignProcessor {
    private ServerChannel channel;
    private PBCRAWCertResourceList certList;

    public RAWSignProcessor() {
    }

    @Override // cn.com.infosec.netsign.isfwimpl.NetSignProcessor
    public void setChannel(ServerChannel serverChannel) {
        if (this.channel != serverChannel) {
            this.channel = serverChannel;
        }
    }

    private static byte[] generateSignMsg(byte[] bArr, ServerKeyStore serverKeyStore, String str, AbstractMessage abstractMessage, boolean z, String str2) {
        byte[] bArr2 = (byte[]) null;
        if (serverKeyStore == null) {
            abstractMessage.setResult(-100204);
            abstractMessage.setErrMsg(ErrorInfoRes.getErrorInfo(-100204));
            return bArr2;
        }
        if (serverKeyStore.getPrivateKey() instanceof SM2PrivateKey) {
            if (z) {
                try {
                    bArr2 = SDFJNI.SM2SignWithExternalKey(bArr, str, serverKeyStore.getPrivateKey().getD(), serverKeyStore.getPublicKey(), Utils.getOSCCApucID(2, null));
                } catch (Exception e) {
                    ProcessUtil.throwDetailException(e, abstractMessage);
                }
            } else {
                try {
                    bArr2 = SDFJNI.SM2SignWithExternalKey(bArr, str, serverKeyStore.getPrivateKey().getD(), serverKeyStore.getPublicKey(), Utils.getOSCCApucID(2, null));
                } catch (Exception e2) {
                    ProcessUtil.throwDetailException(e2, abstractMessage);
                }
            }
        } else if (z) {
            try {
                DigestAlgorithm digestAlgByName = AlgorithmUtil.getDigestAlgByName(str);
                if (digestAlgByName == null) {
                    throw new NoSuchAlgorithmException(new StringBuffer("The DigestAlgorithm ").append(str).append(" Can not been Supported").toString());
                }
                bArr2 = CryptoManager.getHardCryptoImpl().SignWithAlg(serverKeyStore.getLabel(), bArr, digestAlgByName.getValue());
            } catch (Exception e3) {
                ProcessUtil.throwDetailException(e3, abstractMessage);
            }
        } else {
            try {
                if (AlgorithmUtil.getDigestAlgByName(str) == null) {
                    throw new NoSuchAlgorithmException(new StringBuffer("The DigestAlgorithm ").append(str).append(" Can not been Supported").toString());
                }
                bArr2 = SoftCryptoImpl.sign(serverKeyStore.getPrivateKey(), bArr, str, str2);
            } catch (Exception e4) {
                ProcessUtil.throwDetailException(e4, abstractMessage);
            }
        }
        return bArr2;
    }

    public RAWSignProcessor(ServerChannel serverChannel) {
        this.channel = serverChannel;
    }

    public Response process(Request request) {
        ServerKeyStore signKeyStore;
        NetSignRequest netSignRequest = (NetSignRequest) request;
        NSMessage nSMessage = netSignRequest.getNSMessage();
        String stringBuffer = new StringBuffer(String.valueOf(this.channel.getId())).append(" ").append(nSMessage.getAddress()).append(" RAWSign failed:").toString();
        NSMessage createNSMessage = ProcessUtil.createNSMessage(nSMessage);
        byte[] disassemble = ProcessUtil.disassemble(nSMessage.getPlainText(), this.channel.isCryptoCommunicate(), this.channel.getCryptoUtil(), nSMessage, createNSMessage);
        if (createNSMessage.getResult() < 0) {
            ProcessUtil.log(this.channel.getDebugLogger(), this.channel.getId(), nSMessage, createNSMessage);
            ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(stringBuffer)).append(createNSMessage.getResult()).toString(), this.channel.getLogLevel());
            return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
        }
        String signCertDN = nSMessage.getSignCertDN();
        String str = "".equals(signCertDN) ? null : signCertDN;
        if (str != null) {
            signKeyStore = this.channel.getSignKeyStore(str);
            if (signKeyStore == null) {
                this.certList = ProcessUtil.getResourceList(this.channel, nSMessage.getResourceName());
                PBCRAWCert pBCRAWCert = ProcessUtil.getPBCRAWCert(str, this.certList);
                if (pBCRAWCert != null && pBCRAWCert.getCertDN() != null) {
                    signKeyStore = this.channel.getSignKeyStore(pBCRAWCert.getCertDN());
                }
            }
        } else {
            signKeyStore = this.channel.getSignKeyStore(str);
        }
        byte[] generateSignMsg = generateSignMsg(disassemble, signKeyStore, ProcessUtil.getDigestAlgoritim(nSMessage, this.channel, signKeyStore), createNSMessage, this.channel.isUsedHardware(), ExtendedConfig.getSignProvider());
        if (createNSMessage.getResult() < 0) {
            ProcessUtil.log(this.channel.getDebugLogger(), this.channel.getId(), nSMessage, createNSMessage);
            ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(stringBuffer)).append(createNSMessage.getResult()).toString(), this.channel.getLogLevel());
            return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
        }
        if (ExtendedConfig.isReturnSignResult()) {
            createNSMessage.setCryptoText(generateSignMsg);
        }
        ProcessUtil.accessLog(this.channel.getAccessLogger(), new StringBuffer(String.valueOf(this.channel.getId())).append(" ").append(nSMessage.getAddress()).append(" RAWSign success").toString(), this.channel.getLogLevel());
        return NetSignResponse.createNetSignResponse(createNSMessage, netSignRequest.getProtocol());
    }
}
