package cn.org.bjca.wsecx.core.impl;

import cn.org.bjca.wsecx.core.crypto.Digest;
import cn.org.bjca.wsecx.core.crypto.digests.MD5Digest;
import cn.org.bjca.wsecx.core.crypto.digests.SHA1Digest;
import cn.org.bjca.wsecx.core.pkcs.WPKCS7;
import cn.org.bjca.wsecx.interfaces.BJCAWirelessInfo;
import cn.org.bjca.wsecx.interfaces.BJCAWirelessInterface;
import cn.org.bjca.wsecx.interfaces.WSecurityEngineException;
import cn.org.bjca.wsecx.outter.WSecXAppInterface;
import cn.org.bjca.wsecx.outter.WSecurityEnginePackage;
import cn.org.bjca.wsecx.outter.encoder.Base64;
import cn.org.bjca.wsecx.outter.res.ConnectionDevice;
import cn.org.bjca.wsecx.outter.res.ContainerConfig;
import cn.org.bjca.wsecx.outter.util.ByteUtil;
import cn.org.bjca.wsecx.outter.util.CryptoUtil;
import cn.org.bjca.wsecx.soft.build.WSexAlgBuilder;
import cn.org.bjca.wsecx.soft.core.SM3Digest;
import java.io.UnsupportedEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Hashtable;

/* loaded from: classes.dex */
public class WSecXAppInterfaceImpl implements WSecXAppInterface {
    private static final int CRY_LEN = 117;
    private static final int PICTURE_BEGIN_POINT = 328;
    private static final int PICTURE_LEN = 4;
    private static final int PICTURE_LEN_POINT = 12;
    private static final String SPLIT_DATA_STAMP = "[`~]";
    private static final String SPLIT_SPECIAL_CHAR = "````";
    private static final String SPLIT_SPECIAL_END = "[`~][`~]";
    private static final int TYPE_LEN = 2;
    private static final String TYPE_NAME = "ES";
    private static final int TYPE_POINT = 0;
    private BJCAWirelessInterface bacaInterface;
    private ContainerConfig config;

    /* loaded from: classes.dex */
    private enum EleStamp {
        SIGNDATA,
        PUBLICKEY,
        CERT,
        CURRENTTIME,
        ALIAS,
        PICTURE,
        END;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static EleStamp[] valuesCustom() {
            EleStamp[] valuesCustom = values();
            int length = valuesCustom.length;
            EleStamp[] eleStampArr = new EleStamp[length];
            System.arraycopy(valuesCustom, 0, eleStampArr, 0, length);
            return eleStampArr;
        }
    }

    public WSecXAppInterfaceImpl(BJCAWirelessInterface bJCAWirelessInterface, ContainerConfig containerConfig) {
        this.bacaInterface = bJCAWirelessInterface;
        this.config = containerConfig;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] genRandom(int i) throws WSecurityEngineException {
        if (i <= 0) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "产生的随机数长度不能小于零");
        }
        byte[] genRandom = this.bacaInterface.genRandom(i);
        if (genRandom == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "产生的随机数错误:" + ((Object) null));
        }
        return genRandom;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getCert(String str, int i) throws WSecurityEngineException {
        String str2 = str;
        if (str == null) {
            str2 = this.config.getContainerAlias();
        }
        if (str2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNMATCH_ALIAS, "getCert 没有查找到证书容器别名 ");
        }
        ConnectionDevice binderDevice = WSecurityEnginePackage.getBinderDevice();
        if (binderDevice != null && i == 2 && !binderDevice.getCert().equals("null")) {
            return binderDevice.getCert();
        }
        byte[] exportCertificate = this.bacaInterface.exportCertificate(str2, i);
        if (exportCertificate == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_INVAILD, "getCert 无法获取证书 " + exportCertificate + "name==" + str2 + "keyType==" + i);
        }
        return Base64.encode(exportCertificate);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public Object getCertInfo(String str, int i) throws WSecurityEngineException {
        if (str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_INVAILD, "非法证书base64格式");
        }
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_INVAILD, "非法证书格式");
        }
        return new WSexAlgBuilder().getCertInfo(decode, (byte) i);
    }

    public ContainerConfig getConfig() {
        return this.config;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getEleStamp(String str) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        byte[] decode = Base64.decode(str);
        if (!ByteUtil.byteTOString(decode, 0, 2).equalsIgnoreCase(TYPE_NAME)) {
            return str;
        }
        int byteTOIntR = ByteUtil.byteTOIntR(decode, 12, 4);
        byte[] bArr = new byte[byteTOIntR];
        System.arraycopy(decode, PICTURE_BEGIN_POINT, bArr, 0, byteTOIntR);
        return Base64.encode(bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] getExtCertInfo(String str, String str2) throws WSecurityEngineException {
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "非法证书base64格式");
        }
        return new WSexAlgBuilder().getExtCertInfo(decode, str2);
    }

    public byte[] getIVByCBC(int i, int i2) {
        byte[] bArr = {2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17};
        byte[] bArr2 = {0, 1, 2, 3, 4, 5, 6, 7};
        if (i2 != 1) {
            return null;
        }
        if (i == 1) {
            return bArr2;
        }
        if (i != 2) {
            return null;
        }
        byte[] bArr3 = new byte[16];
        System.arraycopy(bArr, 0, bArr3, 0, 16);
        return bArr3;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getPubKey(String str, int i) throws WSecurityEngineException {
        String str2 = str;
        if (str == null) {
            str2 = this.config.getContainerAlias();
        }
        if (str2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNMATCH_ALIAS, "getCert 没有查找到证书容器别名 ");
        }
        byte[] exportPubKey = this.bacaInterface.exportPubKey(str2, i);
        if (exportPubKey != null) {
            return new String(Base64.encode(exportPubKey));
        }
        return null;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String hash(int i, byte[]... bArr) throws WSecurityEngineException {
        Digest sM3Digest;
        int i2 = i;
        if (i2 == -1) {
            i2 = this.config.getAlgHash();
        }
        new MD5Digest();
        switch (i2) {
            case 0:
                sM3Digest = new MD5Digest();
                break;
            case 1:
                sM3Digest = new SHA1Digest();
                break;
            case 2:
            default:
                throw new WSecurityEngineException(1002, "no match algType===" + i2);
            case 3:
                sM3Digest = new SM3Digest();
                break;
        }
        for (int i3 = 0; i3 < bArr.length; i3++) {
            sM3Digest.update(bArr[i3], 0, bArr[i3].length);
        }
        byte[] bArr2 = new byte[sM3Digest.getDigestSize()];
        sM3Digest.doFinal(bArr2, 0);
        return Base64.encode(bArr2);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] priKeyDecrypt(byte[] bArr, int i) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        return this.bacaInterface.priKeyDecryption(this.config.getContainerAlias(), i, bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] pubKeyEncrypt(int i, byte[] bArr) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        if (bArr.length > CRY_LEN) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "加密数据不能大于117个字节:" + bArr.length);
        }
        return this.bacaInterface.pubKeyEncryption(this.config.getContainerAlias(), i, bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] pubKeyEncrypt(String str, byte[] bArr) throws WSecurityEngineException {
        if (str == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        if (bArr.length > CRY_LEN) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "加密数据不能大于117个字节:" + bArr.length);
        }
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "非法证书base64格式");
        }
        return this.bacaInterface.pubKeyEncryption(decode, bArr);
    }

    public void setConfig(ContainerConfig containerConfig) {
        this.config = containerConfig;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signData(byte[] bArr, int i, boolean z) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signData参数输入为空");
        }
        byte[] signData = this.bacaInterface.signData(this.config.getContainerAlias(), i, this.config.getAlgHash(), bArr, z);
        if (signData == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, "signData签名失败" + this.config.getContainerAlias());
        }
        return new String(Base64.encode(signData));
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signEleStamp(String str, String str2, int i, String str3) throws WSecurityEngineException {
        return signEleStamp(str, str2, -1L, i, str3);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signEleStamp(String str, String str2, long j, int i, String str3) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (str == null || str2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空" + str);
        }
        byte[] decode = Base64.decode(str2);
        if (ByteUtil.byteTOString(decode, 0, 2).equalsIgnoreCase(TYPE_NAME)) {
            int byteTOIntR = ByteUtil.byteTOIntR(decode, 12, 4);
            byte[] bArr = new byte[byteTOIntR];
            System.arraycopy(decode, PICTURE_BEGIN_POINT, bArr, 0, byteTOIntR);
            str2 = Base64.encode(bArr);
        }
        try {
            String signData = signData((SPLIT_DATA_STAMP + str + SPLIT_DATA_STAMP + str2 + SPLIT_DATA_STAMP).getBytes(str3), i, false);
            if (signData == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "厂商签名发生错误");
            }
            String sb = new StringBuilder(String.valueOf(j)).toString();
            if (j <= 0) {
                sb = new StringBuilder(String.valueOf(System.currentTimeMillis())).toString();
            }
            String pubKey = getPubKey(this.config.getContainerAlias(), i);
            String cert = getCert(this.config.getContainerAlias(), i);
            if (pubKey == null || cert == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "读取公钥或证书错误");
            }
            StringBuffer stringBuffer = new StringBuffer(1024);
            stringBuffer.append(signData).append(SPLIT_SPECIAL_CHAR).append(pubKey).append(SPLIT_SPECIAL_CHAR).append(cert).append(SPLIT_SPECIAL_CHAR).append(sb).append(SPLIT_SPECIAL_CHAR).append(this.config.getContainerAlias()).append(SPLIT_SPECIAL_CHAR).append(SPLIT_SPECIAL_END).append(str2).append(SPLIT_DATA_STAMP);
            return stringBuffer.toString();
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(getConfig().getContainerAlias()) + "===" + str3 + "==签名底层错误：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signedDataP7(byte[] bArr, X509Certificate[] x509CertificateArr, X509CRL[] x509crlArr, Hashtable hashtable, Hashtable hashtable2, boolean z, int i) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signData参数输入为空");
        }
        try {
            return WPKCS7.signedDataP7(this, bArr, x509CertificateArr, x509crlArr, z, hashtable, hashtable2);
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, e);
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signedDataP7(byte[] bArr, X509Certificate[] x509CertificateArr, X509CRL[] x509crlArr, boolean z, int i) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signData参数输入为空");
        }
        try {
            return WPKCS7.signedDataP7(this, bArr, x509CertificateArr, x509crlArr, z);
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, e);
        }
    }

    public String symmDecryptData(String str, byte[] bArr) throws WSecurityEngineException {
        if (bArr == null || str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        byte[] iVByCBC = getIVByCBC(this.config.getAlgSym(), this.config.getSymPadding());
        str.getBytes();
        try {
            byte[] symDecrypt = this.bacaInterface.symDecrypt(CryptoUtil.generateKey(str.toCharArray()), bArr, this.config.getAlgSym(), this.config.getSymPadding(), iVByCBC);
            if (symDecrypt != null) {
                return Base64.encode(symDecrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String symmDecryptData(byte[] bArr, byte[] bArr2) throws WSecurityEngineException {
        if (bArr2 == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        if (this.config.getSymPadding() == 1 && bArr.length != 16) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数KEY输入symmEncryptData c非法" + bArr.length);
        }
        try {
            byte[] symDecrypt = this.bacaInterface.symDecrypt(bArr, bArr2, this.config.getAlgSym(), this.config.getSymPadding(), getIVByCBC(this.config.getAlgSym(), this.config.getSymPadding()));
            if (symDecrypt != null) {
                return Base64.encode(symDecrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    public String symmEncryptData(String str, byte[] bArr) throws WSecurityEngineException {
        if (bArr == null || str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空 key" + str);
        }
        str.getBytes();
        try {
            byte[] symEncrypt = this.bacaInterface.symEncrypt(CryptoUtil.generateKey(str.toCharArray()), bArr, this.config.getAlgSym(), this.config.getSymPadding(), getIVByCBC(this.config.getAlgSym(), this.config.getSymPadding()));
            if (symEncrypt != null) {
                return Base64.encode(symEncrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String symmEncryptData(byte[] bArr, byte[] bArr2) throws WSecurityEngineException {
        if (bArr2 == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空 key" + bArr);
        }
        if (this.config.getSymPadding() == 1 && bArr.length != 16) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数KEY输入symmEncryptData c非法" + bArr.length);
        }
        try {
            byte[] symEncrypt = this.bacaInterface.symEncrypt(bArr, bArr2, this.config.getAlgSym(), this.config.getSymPadding(), getIVByCBC(this.config.getAlgSym(), this.config.getSymPadding()));
            if (symEncrypt != null) {
                return Base64.encode(symEncrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifyEleStamp(String str, String str2, String str3) throws WSecurityEngineException {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        String[] split = str2.split(SPLIT_SPECIAL_CHAR);
        if (split == null || str2 == null || split.length != EleStamp.END.ordinal()) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "电子签章格式错误" + split.length);
        }
        String str4 = SPLIT_DATA_STAMP + str + split[EleStamp.PICTURE.ordinal()].substring(SPLIT_DATA_STAMP.length());
        Boolean.valueOf(false);
        try {
            return Boolean.valueOf(verifySignedData(split[EleStamp.CERT.ordinal()], str4.getBytes(str3), Base64.decode(split[EleStamp.SIGNDATA.ordinal()]), false)).booleanValue();
        } catch (UnsupportedEncodingException e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "字符集非法" + str3);
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifySignedData(String str, byte[] bArr, byte[] bArr2, boolean z) throws WSecurityEngineException {
        if (str == null || bArr == null || bArr2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "verifySignedData参数输入为空");
        }
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "verifySignedData非法证书base64格式");
        }
        try {
            return this.bacaInterface.verifySignedData(decode, bArr, bArr2, this.config.getAlgHash(), z);
        } catch (WSecurityEngineException e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_VERIFY_INVALID, "验签不成功：" + e);
        }
    }
}
