package cn.com.infosec.netsign.agent;

import cn.com.infosec.jce.provider.InfosecProvider;
import cn.com.infosec.jce.provider.JCERSAPublicKey;
import cn.com.infosec.jce.provider.JCESM2PublicKey;
import cn.com.infosec.jce.provider.X509CertificateObject;
import cn.com.infosec.netsign.agent.exception.NetSignAgentException;
import cn.com.infosec.netsign.agent.resource.AgentErrorRes;
import cn.com.infosec.netsign.base.AbstractMessage;
import cn.com.infosec.netsign.base.NSMessage;
import cn.com.infosec.netsign.base.NSMessageOpt;
import cn.com.infosec.netsign.base.processors.util.GZipUtil;
import cn.com.infosec.netsign.crypto.util.Base64;
import cn.com.infosec.netsign.crypto.util.SoftCryptoImpl;
import cn.com.infosec.netsign.logger.ConsoleLogger;
import cn.com.infosec.oscca.sm2.SM2PublicKey;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.zip.GZIPInputStream;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;

/* loaded from: input_file:cn/com/infosec/netsign/agent/NetSignAgentUtil.class */
public class NetSignAgentUtil {
    static {
        if (Security.getProvider("INFOSEC") == null) {
            Security.addProvider(new InfosecProvider());
        }
    }

    public static byte[] xmlCanonical(byte[] bArr) throws Exception {
        ByteArrayInputStream byteArrayInputStream = null;
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            byteArrayInputStream = new ByteArrayInputStream(bArr);
            DOMSource dOMSource = new DOMSource(DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(byteArrayInputStream).getDocumentElement());
            byteArrayOutputStream = new ByteArrayOutputStream();
            TransformerFactory.newInstance().newTransformer().transform(dOMSource, new StreamResult(byteArrayOutputStream));
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e) {
                }
            }
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (Exception e2) {
                }
            }
            return byteArray;
        } catch (Throwable th) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e3) {
                }
            }
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (Exception e4) {
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String encode(byte[] bArr) {
        return Base64.encode(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] decode(String str) throws NetSignAgentException {
        try {
            return Base64.decode(str);
        } catch (Exception e) {
            throw new NetSignAgentException(AgentErrorRes.BASE64_DECODE_ERROR, e.getMessage());
        }
    }

    public static NSMessage createMessage(String str) {
        NSMessage nSMessage = new NSMessage();
        nSMessage.setType("request");
        nSMessage.setProcessor(str);
        nSMessage.setClientId(NetSignAgentRes.getClientId());
        return nSMessage;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] checkOrZip(byte[] bArr, NSMessage nSMessage) throws NetSignAgentException {
        try {
            new GZIPInputStream(new ByteArrayInputStream(bArr));
            nSMessage.setZipMode(true);
            return bArr;
        } catch (IOException e) {
            if (e.getMessage().toLowerCase().startsWith("not in gzip format")) {
                return checkAndZip(bArr, nSMessage);
            }
            throw new NetSignAgentException(AgentErrorRes.INVALID_MSG_FORMAT, e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] checkAndZip(byte[] bArr, NSMessage nSMessage) throws NetSignAgentException {
        if (!NetSignAgentRes.isZipMode() || bArr.length < NetSignAgentRes.getMinZipSize()) {
            nSMessage.setZipMode(false);
            return bArr;
        }
        nSMessage.setZipMode(true);
        try {
            return GZipUtil.zip(bArr);
        } catch (IOException e) {
            if (NetSignAgent.getDebugWriter() != null) {
                NetSignAgent.getDebugWriter().println(new Date() + " Zip message failed, the error code is " + AgentErrorRes.ZIP_MSG_ERROR + ", the error is " + e.getMessage());
            }
            throw new NetSignAgentException(AgentErrorRes.ZIP_MSG_ERROR, e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] checkAndEncrypt(byte[] bArr, NSMessage nSMessage) throws NetSignAgentException {
        if (NetSignAgentRes.getCommunicateMode() != 0) {
            nSMessage.setCommunicateMode(1);
            return bArr;
        }
        nSMessage.setCommunicateMode(0);
        nSMessage.setEncKey(NetSignAgentRes.getEncSecKey());
        nSMessage.setKeyHash(NetSignAgentRes.getKeyHash());
        try {
            return SoftCryptoImpl.encrypt(SoftCryptoImpl.RC4, NetSignAgentRes.getSecKey(), bArr, (byte[]) null);
        } catch (Exception e) {
            if (NetSignAgent.getDebugWriter() != null) {
                NetSignAgent.getDebugWriter().println(new Date() + " Encrypt message failed, the error code is " + AgentErrorRes.ENCRYPT_MSG_ERROR + ", the error is " + e.getMessage());
            }
            throw new NetSignAgentException(AgentErrorRes.ENCRYPT_MSG_ERROR, e.getMessage());
        }
    }

    static byte[] checkAndDecrypt(byte[] bArr, int i) throws NetSignAgentException {
        if (i != 0) {
            return bArr;
        }
        try {
            return SoftCryptoImpl.decrypt(SoftCryptoImpl.RC4, NetSignAgentRes.getSecKey(), bArr, "12345678".getBytes());
        } catch (Exception e) {
            if (NetSignAgent.getDebugWriter() != null) {
                NetSignAgent.getDebugWriter().println(new Date() + " Decrypt message failed, the error code is " + AgentErrorRes.DECRYPT_MSG_ERROR + ", the error is " + e.getMessage());
            }
            throw new NetSignAgentException(AgentErrorRes.DECRYPT_MSG_ERROR, e.getMessage());
        }
    }

    static byte[] checkAndUnzip(byte[] bArr, boolean z) throws NetSignAgentException {
        if (!z) {
            return bArr;
        }
        try {
            return GZipUtil.unzip(bArr);
        } catch (IOException e) {
            if (NetSignAgent.getDebugWriter() != null) {
                NetSignAgent.getDebugWriter().println(new Date() + " Unzip message failed, the error code is " + AgentErrorRes.UNZIP_MSG_ERROR + ", the error is " + e.getMessage());
            }
            throw new NetSignAgentException(AgentErrorRes.UNZIP_MSG_ERROR, e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkAndSetTSA(String str, NSMessage nSMessage) throws NetSignAgentException {
        if (str == null) {
            nSMessage.setUsedTSA(false);
        } else {
            nSMessage.setUsedTSA(true);
            nSMessage.setTSAText(decode(str));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult attachedVerifyResult(NSMessageOpt nSMessageOpt) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        byte[] checkAndUnzip = checkAndUnzip(checkAndDecrypt(nSMessageOpt.getPlainText(), nSMessageOpt.getCommunicateMode()), nSMessageOpt.isZipMode());
        hashMap.put(NetSignResult.RESULT_NUMBER, new StringBuilder(String.valueOf(nSMessageOpt.getResult())).toString());
        hashMap.put(NetSignResult.PLAIN_TEXT, checkAndUnzip);
        if (nSMessageOpt.isTransCert()) {
            hashMap.put(NetSignResult.SIGN_CERT, nSMessageOpt.getCert());
        }
        if (nSMessageOpt.getDigestAlg() != null) {
            hashMap.put(NetSignResult.DIGEST_ALG, nSMessageOpt.getDigestAlg());
        }
        hashMap.put(NetSignResult.SIGN_SUBJECT, nSMessageOpt.getSignSubject());
        hashMap.put(NetSignResult.SIGN_SER_NUMBER, nSMessageOpt.getSignSerNumber());
        hashMap.put(NetSignResult.SIGN_ISSUER_SUBJECT, nSMessageOpt.getSignIssuerSubject());
        hashMap.put(NetSignResult.SIGN_START_TIME, nSMessageOpt.getSignStartTime());
        hashMap.put(NetSignResult.SIGN_END_TIME, nSMessageOpt.getSignEndtime());
        if (nSMessageOpt.getUsedTSA()) {
            hashMap.put(NetSignResult.TSA_GEN_TIME, nSMessageOpt.getTSAGenerateTime());
        }
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ArrayList pdfVerifyResult(NSMessageOpt nSMessageOpt) {
        return nSMessageOpt.getPDFVerifyResults();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ArrayList xmlVerifyResult(NSMessageOpt nSMessageOpt) {
        return nSMessageOpt.getXmlVerifyResults();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult detachedVerifyResult(NSMessageOpt nSMessageOpt) {
        HashMap hashMap = new HashMap();
        if (nSMessageOpt.isTransCert()) {
            hashMap.put(NetSignResult.SIGN_CERT, nSMessageOpt.getCert());
        }
        if (nSMessageOpt.getDigestAlg() != null) {
            hashMap.put(NetSignResult.DIGEST_ALG, nSMessageOpt.getDigestAlg());
        }
        hashMap.put(NetSignResult.SIGN_SUBJECT, nSMessageOpt.getSignSubject());
        hashMap.put(NetSignResult.SIGN_SER_NUMBER, nSMessageOpt.getSignSerNumber());
        hashMap.put(NetSignResult.SIGN_ISSUER_SUBJECT, nSMessageOpt.getSignIssuerSubject());
        hashMap.put(NetSignResult.SIGN_START_TIME, nSMessageOpt.getSignStartTime());
        hashMap.put(NetSignResult.SIGN_END_TIME, nSMessageOpt.getSignEndtime());
        if (nSMessageOpt.getUsedTSA()) {
            hashMap.put(NetSignResult.TSA_GEN_TIME, nSMessageOpt.getTSAGenerateTime());
        }
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult rawVerifyResult(NSMessageOpt nSMessageOpt) {
        HashMap hashMap = new HashMap();
        if (nSMessageOpt.getUsedTSA()) {
            hashMap.put(NetSignResult.TSA_GEN_TIME, nSMessageOpt.getTSAGenerateTime());
        }
        if (nSMessageOpt.getDigestAlg() != null) {
            hashMap.put(NetSignResult.DIGEST_ALG, nSMessageOpt.getDigestAlg());
        }
        if (nSMessageOpt.getProcessor().equals("PBCRAWVerifyProcessor")) {
            hashMap.put(NetSignResult.SIGN_SUBJECT, nSMessageOpt.getSignSubject());
            hashMap.put(NetSignResult.SIGN_SER_NUMBER, nSMessageOpt.getSignSerNumber());
            hashMap.put(NetSignResult.SIGN_ISSUER_SUBJECT, nSMessageOpt.getSignIssuerSubject());
            hashMap.put(NetSignResult.SIGN_START_TIME, nSMessageOpt.getSignStartTime());
            hashMap.put(NetSignResult.SIGN_END_TIME, nSMessageOpt.getSignEndtime());
        }
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult signatureResult(NSMessage nSMessage) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        hashMap.put(NetSignResult.SIGN_TEXT, checkAndUnzip(checkAndDecrypt(nSMessage.getCryptoText(), nSMessage.getCommunicateMode()), nSMessage.isZipMode()));
        if (nSMessage.getUsedTSA()) {
            hashMap.put(NetSignResult.TSA_TEXT, nSMessage.getTSAText());
        }
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult xmlSignatureResult(NSMessage nSMessage) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        hashMap.put(NetSignResult.SIGN_TEXT, checkAndUnzip(checkAndDecrypt(nSMessage.getCryptoText(), nSMessage.getCommunicateMode()), nSMessage.isZipMode()));
        hashMap.put(NetSignResult.Sign_ID, nSMessage.getXmlSigID());
        if (nSMessage.getUsedTSA()) {
            hashMap.put(NetSignResult.TSA_TEXT, nSMessage.getTSAText());
        }
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult pdfSignatureResult(NSMessage nSMessage) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        hashMap.put(NetSignResult.SIGN_TEXT, nSMessage.getCryptoText());
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult envelopeResult(NSMessage nSMessage) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        hashMap.put(NetSignResult.ENC_TEXT, checkAndUnzip(nSMessage.getCryptoText(), nSMessage.isZipMode()));
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult decryptEnvelopeResult(NSMessageOpt nSMessageOpt) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        hashMap.put(NetSignResult.PLAIN_TEXT, checkAndUnzip(checkAndDecrypt(nSMessageOpt.getPlainText(), nSMessageOpt.getCommunicateMode()), nSMessageOpt.isZipMode()));
        hashMap.put(NetSignResult.ENC_SUBJECT, nSMessageOpt.getEncSubject());
        hashMap.put(NetSignResult.ENC_SER_NUMBER, nSMessageOpt.getEncSerNumber());
        hashMap.put(NetSignResult.ENC_ISSUER_SUBJECT, nSMessageOpt.getEncIssuerSubject());
        hashMap.put(NetSignResult.ENC_START_TIME, nSMessageOpt.getEncStartTime());
        hashMap.put(NetSignResult.ENC_END_TIME, nSMessageOpt.getEncEndtime());
        if (nSMessageOpt.getDigestAlg() != null) {
            hashMap.put(NetSignResult.DIGEST_ALG, nSMessageOpt.getDigestAlg());
        }
        if (nSMessageOpt.getSymmetricalAlg() != null) {
            hashMap.put(NetSignResult.ENC_ALG, nSMessageOpt.getSymmetricalAlg());
        }
        if (nSMessageOpt.getSignSubject() != null) {
            hashMap.put(NetSignResult.SIGN_SUBJECT, nSMessageOpt.getSignSubject());
            hashMap.put(NetSignResult.SIGN_SER_NUMBER, nSMessageOpt.getSignSerNumber());
            hashMap.put(NetSignResult.SIGN_ISSUER_SUBJECT, nSMessageOpt.getSignIssuerSubject());
            hashMap.put(NetSignResult.SIGN_START_TIME, nSMessageOpt.getSignStartTime());
            hashMap.put(NetSignResult.SIGN_END_TIME, nSMessageOpt.getSignEndtime());
        }
        return new NetSignResult(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey transpublickey(PublicKey publicKey) throws NetSignAgentException {
        try {
            if ((publicKey instanceof JCERSAPublicKey) || (publicKey instanceof JCESM2PublicKey) || (publicKey instanceof SM2PublicKey)) {
                return publicKey;
            }
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            return KeyFactory.getInstance("RSA", "INFOSEC").generatePublic(new RSAPublicKeySpec(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent()));
        } catch (Exception e) {
            throw new NetSignAgentException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Certificate transcertificate(X509Certificate x509Certificate) throws NetSignAgentException {
        try {
            if (x509Certificate instanceof X509CertificateObject) {
                return x509Certificate;
            }
            return (X509Certificate) CertificateFactory.getInstance("X.509", "INFOSEC").generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
        } catch (Exception e) {
            throw new NetSignAgentException(e.getMessage());
        }
    }

    public static void debug(String str, AbstractMessage abstractMessage) {
        if (NetSignAgent.getDebugWriter() != null) {
            NetSignAgent.getDebugWriter().println(String.valueOf(str) + (abstractMessage != null ? abstractMessage.getString() : ""));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getDN(String str) {
        if (str == null || str.equals("")) {
            return str;
        }
        switch (NetSignAgentRes.getOrderDN()) {
            case PBCAgent.DNORDER_NATIVE /* 0 */:
                return str;
            case 1:
                return DNItemReverseUtil.isDNReversed(str) ? DNItemReverseUtil.reverse(str) : str;
            case 2:
                return (str.startsWith("CN=") || str.startsWith("cn=")) ? turnDNString(str) : str;
            default:
                return str;
        }
    }

    private static String turnDNString(String str) {
        if (str.indexOf(",") < 0) {
            return str;
        }
        String str2 = str.indexOf(", ") > -1 ? ", " : ",";
        String[] split = str.split(str2);
        String str3 = "";
        for (int length = split.length - 1; length >= 0; length--) {
            str3 = String.valueOf(str3) + split[length];
            if (length != 0) {
                str3 = String.valueOf(str3) + str2;
            }
        }
        return str3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static NetSignResult barcodeResult(NSMessageOpt nSMessageOpt) throws NetSignAgentException {
        HashMap hashMap = new HashMap();
        hashMap.put(NetSignResult.BARCODE_SYMBOLOGY, nSMessageOpt.getBcSymbology());
        return new NetSignResult(hashMap);
    }

    public static byte[] digest(byte[] bArr, String str) {
        try {
            return MessageDigest.getInstance(str, "INFOSEC").digest(bArr);
        } catch (Exception e) {
            ConsoleLogger.logException(e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getSignatureInPKCS7(byte[] bArr, X509Certificate x509Certificate) {
        int i;
        PublicKey publicKey = x509Certificate.getPublicKey();
        if (publicKey instanceof RSAPublicKey) {
            int bitLength = ((RSAPublicKey) publicKey).getModulus().bitLength() / 8;
            byte[] bArr2 = new byte[bitLength];
            System.arraycopy(bArr, bArr.length - bitLength, bArr2, 0, bitLength);
            return bArr2;
        }
        boolean z = false;
        for (int length = bArr.length - 64; length > 0; length--) {
            if (bArr[length] == 4) {
                if (bArr[length + 1] == 81) {
                    i = 255 & bArr[length + 2];
                    if (length + 2 + i == bArr.length) {
                        z = true;
                    }
                } else {
                    i = 255 & bArr[length + 1];
                    if (length + 1 + i == bArr.length) {
                        z = true;
                    }
                }
                if (z) {
                    byte[] bArr3 = new byte[i];
                    System.arraycopy(bArr, bArr.length - i, bArr3, 0, i);
                    return bArr3;
                }
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setVerifyResult(byte[] bArr, X509Certificate x509Certificate, boolean z, NetSignResult netSignResult) {
        if (bArr != null && bArr.length > 0) {
            netSignResult.setResult(NetSignResult.PLAIN_TEXT, bArr);
        }
        if (x509Certificate != null) {
            netSignResult.setResult(NetSignResult.SIGN_SUBJECT, x509Certificate.getSubjectDN().getName());
            netSignResult.setResult(NetSignResult.SIGN_SER_NUMBER, x509Certificate.getSerialNumber().toString(16).toUpperCase());
            netSignResult.setResult(NetSignResult.SIGN_ISSUER_SUBJECT, x509Certificate.getIssuerDN().getName());
            netSignResult.setResult(NetSignResult.SIGN_START_TIME, new StringBuilder(String.valueOf(x509Certificate.getNotBefore().getTime())).toString());
            netSignResult.setResult(NetSignResult.SIGN_END_TIME, new StringBuilder(String.valueOf(x509Certificate.getNotAfter().getTime())).toString());
            if (z) {
                netSignResult.setResult(NetSignResult.SIGN_CERT, x509Certificate);
            }
        }
    }

    public static String dealSN(String str) {
        switch (NetSignAgentRes.getSNMode()) {
            case 1:
                return str.length() % 2 == 0 ? str : "0" + str;
            case 2:
                return new BigInteger(str, 16).toString(10);
            default:
                return str;
        }
    }
}
