package cn.org.bjca.wsecx.core.impl;

import cn.org.bjca.wsecx.core.asn1.DERObjectIdentifier;
import cn.org.bjca.wsecx.core.asn1.cms.AttributeTable;
import cn.org.bjca.wsecx.core.asn1.cms.CMSObjectIdentifiers;
import cn.org.bjca.wsecx.core.asn1.x509.X509CertificateStructure;
import cn.org.bjca.wsecx.core.crypto.Digest;
import cn.org.bjca.wsecx.core.crypto.digests.MD5Digest;
import cn.org.bjca.wsecx.core.crypto.digests.SHA1Digest;
import cn.org.bjca.wsecx.core.crypto.digests.SHA256Digest;
import cn.org.bjca.wsecx.core.math.ec.ECPoint;
import cn.org.bjca.wsecx.core.pkcs7.encode.EnvelopedBuilder;
import cn.org.bjca.wsecx.core.pkcs7.encode.EnvelopedDataRSABuilder;
import cn.org.bjca.wsecx.core.pkcs7.encode.EnvelopedDataSM2Builder;
import cn.org.bjca.wsecx.core.pkcs7.sign.CMSProcessableByteArray;
import cn.org.bjca.wsecx.core.pkcs7.sign.CMSSignedDataGenerator;
import cn.org.bjca.wsecx.core.pkcs7.sign.CMSSignedGenerator;
import cn.org.bjca.wsecx.interfaces.BJCAWirelessInfo;
import cn.org.bjca.wsecx.interfaces.BJCAWirelessInterface;
import cn.org.bjca.wsecx.interfaces.ConnectionDevice;
import cn.org.bjca.wsecx.interfaces.WSecurityEngineException;
import cn.org.bjca.wsecx.outter.WSecXAppInterface;
import cn.org.bjca.wsecx.outter.WSecurityEnginePackage;
import cn.org.bjca.wsecx.outter.encoder.Base64;
import cn.org.bjca.wsecx.outter.res.ContainerConfig;
import cn.org.bjca.wsecx.outter.util.ByteUtil;
import cn.org.bjca.wsecx.outter.util.CryptoUtil;
import cn.org.bjca.wsecx.soft.build.IWSexAlgBuilder;
import cn.org.bjca.wsecx.soft.build.IWSexAsymmAlg;
import cn.org.bjca.wsecx.soft.build.WSexAlgBuilder;
import cn.org.bjca.wsecx.soft.build.sign.IWSexSign;
import cn.org.bjca.wsecx.soft.build.sign.IWSexSignBuilder;
import cn.org.bjca.wsecx.soft.build.sign.WSexSignBuilder;
import cn.org.bjca.wsecx.soft.sm.SM3Digest;
import cn.org.bjca.wsecx.soft.sm.sm2.SM2Signer;
import java.io.UnsupportedEncodingException;

/* loaded from: classes.dex */
public class WSecXAppInterfaceImpl implements WSecXAppInterface {
    private static final int CRY_LEN = 117;
    private static final int LOCAL_TIME = -1;
    private static final int PICTURE_BEGIN_POINT = 328;
    private static final int PICTURE_LEN = 4;
    private static final int PICTURE_LEN_POINT = 12;
    private static final String SPLIT_DATA_STAMP = "[`~]";
    private static final String SPLIT_SPECIAL_CHAR = "````";
    private static final String SPLIT_SPECIAL_END = "[`~][`~]";
    private static final int TYPE_LEN = 2;
    private static final String TYPE_NAME = "ES";
    private static final int TYPE_POINT = 0;
    private BJCAWirelessInterface bacaInterface;
    private ContainerConfig config;
    private IWSexAlgBuilder algBuild = new WSexAlgBuilder();
    private IWSexSignBuilder signBuild = new WSexSignBuilder();

    /* loaded from: classes.dex */
    enum EleStamp {
        SIGNDATA,
        PUBLICKEY,
        CERT,
        CURRENTTIME,
        ALIAS,
        PICTURE,
        END;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static EleStamp[] valuesCustom() {
            EleStamp[] valuesCustom = values();
            int length = valuesCustom.length;
            EleStamp[] eleStampArr = new EleStamp[length];
            System.arraycopy(valuesCustom, 0, eleStampArr, 0, length);
            return eleStampArr;
        }
    }

    public WSecXAppInterfaceImpl(BJCAWirelessInterface bJCAWirelessInterface, ContainerConfig containerConfig) {
        this.bacaInterface = bJCAWirelessInterface;
        this.config = containerConfig;
    }

    private String signDataByInner(byte[] bArr, String str, int i, boolean z) {
        int i2;
        if (bArr == null || this.config.getContainerAlias() == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signData参数输入为空:" + this.config.getContainerAlias());
        }
        String keyAlg = this.algBuild.buildAsymm(str).getKeyAlg(Base64.decode(str));
        if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
            i2 = 1;
        } else {
            if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(keyAlg) + " :ALG no found");
            }
            i2 = 3;
        }
        byte[] signData = this.bacaInterface.signData(this.config.getContainerAlias(), i, i2, bArr, z);
        if (signData == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, "signDataByInner签名失败" + this.config.getContainerAlias());
        }
        return new String(Base64.encode(signData));
    }

    private byte[] sm3Hash(byte[] bArr, X509CertificateStructure x509CertificateStructure, byte[] bArr2) {
        byte[] bArr3 = new byte[64];
        System.arraycopy(x509CertificateStructure.getSubjectPublicKeyInfo().getPublicKeyData().getBytes(), 1, bArr3, 0, bArr3.length);
        byte[] bArr4 = new byte[32];
        SM2Signer sM2Signer = new SM2Signer();
        SM3Digest sM3Digest = new SM3Digest();
        if (bArr3 == null) {
            sM3Digest.update(bArr, 0, bArr.length);
            sM3Digest.doFinal(bArr4, 0);
        } else {
            ECPoint decodePoint = sM2Signer.decodePoint(bArr3);
            sM3Digest.addId(decodePoint.getX().toBigInteger(), decodePoint.getY().toBigInteger(), bArr2);
            sM3Digest.update(bArr, 0, bArr.length);
            sM3Digest.doFinal(bArr4, 0);
        }
        return bArr4;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String decodeP7EnvelopedData(String str, String str2) {
        throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNIMPL_METHOD, "decodeP7EnvelopedData no impl");
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String encodeP7EnvelopedData(byte[] bArr, String str) {
        EnvelopedBuilder envelopedDataRSABuilder;
        DERObjectIdentifier dERObjectIdentifier;
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signData参数输入为空");
        }
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(str);
        DERObjectIdentifier dERObjectIdentifier2 = CMSObjectIdentifiers.envelopedData;
        if (buildAsymm == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, "ALG no found");
        }
        String keyAlg = buildAsymm.getKeyAlg(Base64.decode(str));
        if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
            envelopedDataRSABuilder = new EnvelopedDataRSABuilder();
            envelopedDataRSABuilder.addKeyTransRecipient(str);
            dERObjectIdentifier = CMSObjectIdentifiers.envelopedData;
        } else {
            if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, "ALG no found");
            }
            envelopedDataRSABuilder = new EnvelopedDataSM2Builder();
            envelopedDataRSABuilder.addKeyTransRecipientSM2(str);
            dERObjectIdentifier = CMSObjectIdentifiers.envelopedDataSM2;
        }
        getConfig().setAsymmAlg(keyAlg, getConfig().getAlgHash());
        try {
            return Base64.encode(envelopedDataRSABuilder.generate(dERObjectIdentifier, this, new CMSProcessableByteArray(bArr), null).getEncoded());
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, e);
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] genRandom(int i) {
        if (i <= 0) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "产生的随机数长度不能小于零");
        }
        byte[] genRandom = this.bacaInterface.genRandom(i);
        if (genRandom == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "产生的随机数错误:" + ((Object) null));
        }
        return genRandom;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getCert(String str, int i) {
        if (str == null) {
            str = this.config.getContainerAlias();
        }
        if (str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNMATCH_ALIAS, "getCert没有查找到证书容器别名 ");
        }
        ConnectionDevice binderDevice = WSecurityEnginePackage.getBinderDevice();
        if (binderDevice != null && i == 2 && !binderDevice.getCert().equals("null")) {
            return binderDevice.getCert();
        }
        byte[] exportCertificate = this.bacaInterface.exportCertificate(str, i);
        if (exportCertificate == null) {
            throw new WSecurityEngineException(1004, "getCert 无法获取证书 " + exportCertificate + "name==" + str + "==keyType==" + i);
        }
        return Base64.encode(exportCertificate);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public Object getCertInfo(String str, int i) {
        if (str == null) {
            throw new WSecurityEngineException(1004, "非法证书base64格式");
        }
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(1004, "非法证书格式");
        }
        if (i != 21) {
            return this.algBuild.getCertInfo(decode, (byte) i);
        }
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(decode);
        return buildAsymm != null ? buildAsymm.getKeyAlg(decode) : "NULL";
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public ContainerConfig getConfig() {
        return this.config;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getEleStamp(String str) {
        byte[] decode = Base64.decode(str);
        if (!ByteUtil.byteTOString(decode, 0, 2).equalsIgnoreCase(TYPE_NAME)) {
            return str;
        }
        int byteTOIntR = ByteUtil.byteTOIntR(decode, 12, 4);
        byte[] bArr = new byte[byteTOIntR];
        System.arraycopy(decode, PICTURE_BEGIN_POINT, bArr, 0, byteTOIntR);
        return Base64.encode(bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] getExtCertInfo(String str, String str2) {
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "非法证书base64格式");
        }
        return new WSexAlgBuilder().getExtCertInfo(decode, str2);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getPubKey(String str, int i) {
        if (str == null) {
            str = this.config.getContainerAlias();
        }
        if (str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNMATCH_ALIAS, "getCert 没有查找到证书容器别名 ");
        }
        byte[] exportPubKey = this.bacaInterface.exportPubKey(str, i);
        if (exportPubKey != null) {
            return new String(Base64.encode(exportPubKey));
        }
        return null;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String getSignEleStamp(String str) {
        String[] split = str.split(SPLIT_SPECIAL_CHAR);
        if (split == null || str == null || split.length != EleStamp.END.ordinal()) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "电子签章格式错误" + split.length);
        }
        String substring = split[EleStamp.PICTURE.ordinal()].substring(SPLIT_DATA_STAMP.length()).substring(SPLIT_DATA_STAMP.length());
        int indexOf = substring.indexOf(SPLIT_DATA_STAMP);
        if (indexOf != -1) {
            substring = substring.substring(0, indexOf);
        }
        return getEleStamp(substring);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String hash(int i, String str, byte[]... bArr) {
        Digest sHA256Digest;
        if (i == 3) {
            IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(str);
            if (buildAsymm == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, buildAsymm + " :ALG no found");
            }
            return Base64.encode(sm3Hash(bArr[0], buildAsymm.getCert(Base64.decode(str)), SM3Digest.SM3HASH_ID));
        }
        new MD5Digest();
        switch (i) {
            case 0:
                sHA256Digest = new MD5Digest();
                break;
            case 1:
                sHA256Digest = new SHA1Digest();
                break;
            case 2:
                sHA256Digest = new SHA256Digest();
                break;
            default:
                throw new WSecurityEngineException(1002, "no match algType===" + i);
        }
        for (int i2 = 0; i2 < bArr.length; i2++) {
            sHA256Digest.update(bArr[i2], 0, bArr[i2].length);
        }
        byte[] bArr2 = new byte[sHA256Digest.getDigestSize()];
        sHA256Digest.doFinal(bArr2, 0);
        return Base64.encode(bArr2);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean isEleStampFormat(String str) {
        return ByteUtil.byteTOString(Base64.decode(str), 0, 2).equalsIgnoreCase(TYPE_NAME);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] priKeyDecrypt(byte[] bArr, int i) {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        return this.bacaInterface.priKeyDecryption(this.config.getContainerAlias(), i, bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] pubKeyEncrypt(int i, byte[] bArr) {
        if (this.config == null) {
            throw new WSecurityEngineException(1001, "请重新pin码登录(pubKeyEncrypt)");
        }
        if (bArr == null || this.config.getContainerAlias() == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空:" + this.config.getContainerAlias());
        }
        if (bArr.length > CRY_LEN) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "加密数据不能大于117个字节:" + bArr.length);
        }
        return this.bacaInterface.pubKeyEncryption(this.config.getContainerAlias(), i, bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public byte[] pubKeyEncrypt(String str, byte[] bArr) {
        if (str == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        if (bArr.length > CRY_LEN) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "加密数据不能大于117个字节:" + bArr.length);
        }
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "非法证书base64格式");
        }
        return this.bacaInterface.pubKeyEncryption(decode, bArr);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public void setConfig(ContainerConfig containerConfig) {
        this.config = containerConfig;
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signData(byte[] bArr, int i, int i2, boolean z) {
        byte[] signData;
        int i3;
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null || this.config.getContainerAlias() == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signData参数输入为空:" + this.config.getContainerAlias());
        }
        String cert = getCert(this.config.getContainerAlias(), 2);
        String keyAlg = this.algBuild.buildAsymm(cert).getKeyAlg(Base64.decode(cert));
        if (i2 == -1) {
            if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
                i3 = 1;
            } else {
                if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                    throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(keyAlg) + " :ALG no found");
                }
                i3 = 3;
            }
            signData = this.bacaInterface.signData(this.config.getContainerAlias(), i, i3, bArr, z);
        } else {
            signData = this.bacaInterface.signData(this.config.getContainerAlias(), i, i2, bArr, z);
        }
        if (signData == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, "signData签名失败" + this.config.getContainerAlias());
        }
        return new String(Base64.encode(signData));
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signData(byte[] bArr, int i, boolean z) {
        return signData(bArr, i, -1, z);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signEleStamp(String str, long j, int i, int i2, String str2) {
        ConnectionDevice binderDevice = WSecurityEnginePackage.getBinderDevice();
        if (binderDevice == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNBINDER_EXCEPTION, "蓝牙数据没有绑定");
        }
        String picBase = binderDevice.getPicBase();
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空" + str);
        }
        if (picBase == null || picBase.trim().equals("")) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_STAMP_ERROR, "介质中未发现图片");
        }
        byte[] decode = Base64.decode(picBase);
        if (ByteUtil.byteTOString(decode, 0, 2).equalsIgnoreCase(TYPE_NAME)) {
            int byteTOIntR = ByteUtil.byteTOIntR(decode, 12, 4);
            byte[] bArr = new byte[byteTOIntR];
            System.arraycopy(decode, PICTURE_BEGIN_POINT, bArr, 0, byteTOIntR);
            picBase = Base64.encode(bArr);
        }
        String str3 = SPLIT_DATA_STAMP + str + SPLIT_DATA_STAMP + picBase + SPLIT_DATA_STAMP;
        String cert = getCert(this.config.getContainerAlias(), i);
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(cert);
        if (buildAsymm == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, buildAsymm + " :ALG no found");
        }
        try {
            String encode = Base64.encode(buildAsymm.getPubKeyByCert(Base64.decode(cert)));
            if (encode == null || cert == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "读取公钥或证书错误");
            }
            String signData = signData(str3.getBytes(str2), i, false);
            if (signData == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "厂商签名发生错误");
            }
            if (j < 0 || j == -1) {
                j = System.currentTimeMillis();
            }
            String valueOf = String.valueOf(j / 1000);
            StringBuffer stringBuffer = new StringBuffer(1024);
            stringBuffer.append(signData).append(SPLIT_SPECIAL_CHAR).append(encode).append(SPLIT_SPECIAL_CHAR).append(cert).append(SPLIT_SPECIAL_CHAR).append(valueOf).append(SPLIT_SPECIAL_CHAR).append(this.config.getContainerAlias()).append(SPLIT_SPECIAL_CHAR).append(SPLIT_SPECIAL_END).append(picBase).append(SPLIT_DATA_STAMP);
            return stringBuffer.toString();
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(this.config.getContainerAlias()) + "===" + str2 + "==签名底层错误：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signEleStamp(String str, String str2, int i, String str3) {
        if (this.config.isLogin()) {
            return signEleStamp(str, str2, -1L, i, str3 == null ? "UTF-8" : str3);
        }
        throw new WSecurityEngineException(1001, "请重新pin码登录");
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signEleStamp(String str, String str2, long j, int i, String str3) {
        if (str == null || str2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空" + str);
        }
        byte[] decode = Base64.decode(str2);
        if (ByteUtil.byteTOString(decode, 0, 2).equalsIgnoreCase(TYPE_NAME)) {
            int byteTOIntR = ByteUtil.byteTOIntR(decode, 12, 4);
            byte[] bArr = new byte[byteTOIntR];
            System.arraycopy(decode, PICTURE_BEGIN_POINT, bArr, 0, byteTOIntR);
            str2 = Base64.encode(bArr);
        }
        try {
            String signData = signData((SPLIT_DATA_STAMP + str + SPLIT_DATA_STAMP + str2 + SPLIT_DATA_STAMP).getBytes(str3), i, false);
            if (signData == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "厂商签名发生错误");
            }
            if (j < 0 || j == -1) {
                j = System.currentTimeMillis();
            }
            String valueOf = String.valueOf(j / 1000);
            String pubKey = getPubKey(this.config.getContainerAlias(), i);
            String cert = getCert(this.config.getContainerAlias(), i);
            if (pubKey == null || cert == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "读取公钥或证书错误");
            }
            StringBuffer stringBuffer = new StringBuffer(1024);
            stringBuffer.append(signData).append(SPLIT_SPECIAL_CHAR).append(pubKey).append(SPLIT_SPECIAL_CHAR).append(cert).append(SPLIT_SPECIAL_CHAR).append(valueOf).append(SPLIT_SPECIAL_CHAR).append(this.config.getContainerAlias()).append(SPLIT_SPECIAL_CHAR).append(SPLIT_SPECIAL_END).append(str2).append(SPLIT_DATA_STAMP);
            return stringBuffer.toString();
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(this.config.getContainerAlias()) + "===" + str3 + "==签名底层错误：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signEleStamp(String str, String str2, String str3, long j, String str4) {
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (str == null || str2 == null || str3 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空" + str);
        }
        byte[] decode = Base64.decode(str2);
        if (ByteUtil.byteTOString(decode, 0, 2).equalsIgnoreCase(TYPE_NAME)) {
            int byteTOIntR = ByteUtil.byteTOIntR(decode, 12, 4);
            byte[] bArr = new byte[byteTOIntR];
            System.arraycopy(decode, PICTURE_BEGIN_POINT, bArr, 0, byteTOIntR);
            str2 = Base64.encode(bArr);
        }
        try {
            String signDataByInner = signDataByInner((SPLIT_DATA_STAMP + str + SPLIT_DATA_STAMP + str2 + SPLIT_DATA_STAMP).getBytes(str4), str3, 2, false);
            if (signDataByInner == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "厂商签名发生错误");
            }
            if (j < 0 || j == -1) {
                j = System.currentTimeMillis();
            }
            String valueOf = String.valueOf(j / 1000);
            IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(str3);
            if (buildAsymm == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, buildAsymm + " :ALG no found");
            }
            byte[] decode2 = Base64.decode(str3);
            String encode = Base64.encode(buildAsymm.getPubKeyByCert(decode2));
            if (encode == null || decode2 == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "读取公钥或证书错误");
            }
            StringBuffer stringBuffer = new StringBuffer(1024);
            stringBuffer.append(signDataByInner).append(SPLIT_SPECIAL_CHAR).append(encode).append(SPLIT_SPECIAL_CHAR).append(str3).append(SPLIT_SPECIAL_CHAR).append(valueOf).append(SPLIT_SPECIAL_CHAR).append(this.config.getContainerAlias()).append(SPLIT_SPECIAL_CHAR).append(SPLIT_SPECIAL_END).append(str2).append(SPLIT_DATA_STAMP);
            return stringBuffer.toString();
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(this.config.getContainerAlias()) + "===" + str4 + "==签名底层错误：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signSignedDataPkcs7(byte[] bArr, String str, int i) {
        String str2;
        DERObjectIdentifier dERObjectIdentifier;
        String str3;
        if (bArr == null || str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signedDataPk1 参数输入为空");
        }
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(str);
        if (buildAsymm == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, buildAsymm + " :ALG no found");
        }
        byte[] decode = Base64.decode(str);
        String keyAlg = buildAsymm.getKeyAlg(decode);
        DERObjectIdentifier dERObjectIdentifier2 = CMSObjectIdentifiers.signedData;
        if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
            str2 = CMSSignedGenerator.ENCRYPTION_RSA;
            dERObjectIdentifier = CMSObjectIdentifiers.signedData;
        } else {
            if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, String.valueOf(keyAlg) + " :Asymm ALG no found");
            }
            str2 = CMSSignedGenerator.ENCRYPTION_SM2;
            dERObjectIdentifier = CMSObjectIdentifiers.signedDataSM2;
        }
        if (i == 1) {
            str3 = CMSSignedGenerator.DIGEST_SHA1;
        } else if (i == 2) {
            str3 = CMSSignedGenerator.DIGEST_SHA256;
        } else {
            if (i != 3) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, String.valueOf(i) + " :hashAlg no found");
            }
            str3 = CMSSignedGenerator.DIGEST_SM3;
        }
        getConfig().setAsymmAlg(keyAlg, i);
        try {
            X509CertificateStructure cert = buildAsymm.getCert(decode);
            if (cert == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "signSignedDataPkcs7 证书解析失败");
            }
            cMSSignedDataGenerator.addCertChains(new X509CertificateStructure[]{cert});
            cMSSignedDataGenerator.addSigner(cert, str2, str3, (AttributeTable) null, (AttributeTable) null);
            byte[] encoded = cMSSignedDataGenerator.generate(dERObjectIdentifier, new CMSProcessableByteArray(bArr), false, true, this, false, true).getEncoded();
            if (encoded != null) {
                return Base64.encode(encoded);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, e);
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String signSignedDataPkcs7(byte[] bArr, boolean z, boolean z2) {
        String str;
        DERObjectIdentifier dERObjectIdentifier;
        String str2;
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "inData 参数输入为空");
        }
        String cert = getCert(this.config.getContainerAlias(), 2);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(cert);
        if (buildAsymm == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, buildAsymm + " :ALG no found");
        }
        byte[] decode = Base64.decode(cert);
        String keyAlg = buildAsymm.getKeyAlg(decode);
        DERObjectIdentifier dERObjectIdentifier2 = CMSObjectIdentifiers.signedData;
        if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
            str = CMSSignedGenerator.ENCRYPTION_RSA;
            dERObjectIdentifier = CMSObjectIdentifiers.signedData;
        } else {
            if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, String.valueOf(keyAlg) + " :Asymm ALG no found");
            }
            str = CMSSignedGenerator.ENCRYPTION_SM2;
            dERObjectIdentifier = CMSObjectIdentifiers.signedDataSM2;
        }
        int algHash = this.config.getAlgHash();
        if (algHash == 1) {
            str2 = CMSSignedGenerator.DIGEST_SHA1;
        } else if (algHash == 2) {
            str2 = CMSSignedGenerator.DIGEST_SHA256;
        } else {
            if (algHash != 3) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, String.valueOf(algHash) + " :hashAlg no found");
            }
            str2 = CMSSignedGenerator.DIGEST_SM3;
        }
        getConfig().setAsymmAlg(keyAlg, algHash);
        try {
            X509CertificateStructure cert2 = buildAsymm.getCert(decode);
            if (cert2 == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "signSignedDataPkcs7 证书解析失败");
            }
            cMSSignedDataGenerator.addCertChains(new X509CertificateStructure[]{cert2});
            cMSSignedDataGenerator.addSigner(cert2, str, str2, (AttributeTable) null, (AttributeTable) null);
            byte[] encoded = cMSSignedDataGenerator.generate(dERObjectIdentifier, new CMSProcessableByteArray(bArr), z, z2, this, false, false).getEncoded();
            if (encoded != null) {
                return Base64.encode(encoded);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, e);
        }
    }

    public String signSignedDataPkcs7(byte[] bArr, byte[] bArr2, int i, boolean z) {
        String str;
        DERObjectIdentifier dERObjectIdentifier;
        String str2;
        if (!this.config.isLogin()) {
            throw new WSecurityEngineException(1001, "请重新pin码登录");
        }
        if (bArr == null || bArr2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "signedDataPk1 参数输入为空");
        }
        String encode = Base64.encode(bArr2);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(encode);
        if (buildAsymm == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_ENCODE_ERROR, buildAsymm + " :ALG no found");
        }
        byte[] decode = Base64.decode(encode);
        String keyAlg = buildAsymm.getKeyAlg(decode);
        DERObjectIdentifier dERObjectIdentifier2 = CMSObjectIdentifiers.signedData;
        if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
            str = CMSSignedGenerator.ENCRYPTION_RSA;
            dERObjectIdentifier = CMSObjectIdentifiers.signedData;
        } else {
            if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, String.valueOf(keyAlg) + " :Asymm ALG no found");
            }
            str = CMSSignedGenerator.ENCRYPTION_SM2;
            dERObjectIdentifier = CMSObjectIdentifiers.signedDataSM2;
        }
        if (i == 1) {
            str2 = CMSSignedGenerator.DIGEST_SHA1;
        } else if (i == 2) {
            str2 = CMSSignedGenerator.DIGEST_SHA256;
        } else {
            if (i != 3) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, String.valueOf(i) + " :hashAlg no found");
            }
            str2 = CMSSignedGenerator.DIGEST_SM3;
        }
        getConfig().setAsymmAlg(keyAlg, i);
        try {
            X509CertificateStructure cert = buildAsymm.getCert(decode);
            if (cert == null) {
                throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "signSignedDataPkcs7 证书解析失败");
            }
            cMSSignedDataGenerator.addCertChains(new X509CertificateStructure[]{cert});
            cMSSignedDataGenerator.addSigner(cert, str, str2, (AttributeTable) null, (AttributeTable) null);
            byte[] encoded = cMSSignedDataGenerator.generate(dERObjectIdentifier, new CMSProcessableByteArray(bArr), z, true, this, false, true).getEncoded();
            if (encoded != null) {
                return Base64.encode(encoded);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.PKCS7_SIGN_ERROR, e);
        }
    }

    public String symmDecryptData(String str, byte[] bArr) {
        if (bArr == null || str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        byte[] defaultIV = CryptoUtil.getDefaultIV(this.config.getSymm(), this.config.getSymmMode());
        str.getBytes();
        try {
            byte[] symDecrypt = this.bacaInterface.symDecrypt(CryptoUtil.generateKey(str.toCharArray()), bArr, this.config.getSymm(), this.config.getSymmMode(), defaultIV);
            if (symDecrypt != null) {
                return Base64.encode(symDecrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String symmDecryptData(byte[] bArr, byte[] bArr2) {
        if (bArr2 == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        try {
            byte[] symDecrypt = this.bacaInterface.symDecrypt(bArr, bArr2, this.config.getSymm(), this.config.getSymmMode(), CryptoUtil.getDefaultIV(this.config.getSymm(), this.config.getSymmMode()));
            if (symDecrypt != null) {
                return Base64.encode(symDecrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String symmDecryptData(byte[] bArr, byte[] bArr2, int i, int i2, byte[] bArr3) {
        if (bArr2 == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空");
        }
        try {
            byte[] symDecrypt = this.bacaInterface.symDecrypt(bArr, bArr2, i, i2, bArr3);
            if (symDecrypt != null) {
                return Base64.encode(symDecrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    public String symmEncryptData(String str, byte[] bArr) {
        if (bArr == null || str == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空 key" + str);
        }
        str.getBytes();
        try {
            byte[] symEncrypt = this.bacaInterface.symEncrypt(CryptoUtil.generateKey(str.toCharArray()), bArr, this.config.getSymm(), this.config.getSymmMode(), CryptoUtil.getDefaultIV(this.config.getSymm(), this.config.getSymmMode()));
            if (symEncrypt != null) {
                return Base64.encode(symEncrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String symmEncryptData(byte[] bArr, byte[] bArr2) {
        if (bArr2 == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空 key" + bArr);
        }
        try {
            byte[] symEncrypt = this.bacaInterface.symEncrypt(bArr, bArr2, this.config.getSymm(), this.config.getSymmMode(), CryptoUtil.getDefaultIV(this.config.getSymm(), this.config.getSymmMode()));
            if (symEncrypt != null) {
                return Base64.encode(symEncrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public String symmEncryptData(byte[] bArr, byte[] bArr2, int i, int i2, byte[] bArr3) {
        if (bArr2 == null || bArr == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "参数输入为空 key" + bArr);
        }
        try {
            byte[] symEncrypt = this.bacaInterface.symEncrypt(bArr, bArr2, i, i2, bArr3);
            if (symEncrypt != null) {
                return Base64.encode(symEncrypt);
            }
            return null;
        } catch (Exception e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SYMM_CIPHER_INVALID, "厂商对称加解密失败：" + e.getMessage());
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifyEleStamp(String str, String str2, String str3) {
        String[] split = str2.split(SPLIT_SPECIAL_CHAR);
        if (split == null || str2 == null || split.length != EleStamp.END.ordinal()) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "电子签章格式错误" + split.length);
        }
        String str4 = SPLIT_DATA_STAMP + str + split[EleStamp.PICTURE.ordinal()].substring(SPLIT_DATA_STAMP.length());
        Boolean.valueOf(false);
        try {
            return Boolean.valueOf(verifySignedData(split[EleStamp.CERT.ordinal()], str4.getBytes(str3), Base64.decode(split[EleStamp.SIGNDATA.ordinal()]), false)).booleanValue();
        } catch (UnsupportedEncodingException e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "字符集非法" + str3);
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifySignedData(String str, byte[] bArr, byte[] bArr2, int i, boolean z) {
        IWSexSign buildSign;
        int i2;
        if (str == null || bArr == null || bArr2 == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.INPUT_PARAM_NULL_INVAILD, "verifySignedData参数输入为空");
        }
        byte[] decode = Base64.decode(str);
        if (decode == null) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.CERT_FORMAT_ERROR, "verifySignedData非法证书base64格式");
        }
        IWSexAsymmAlg buildAsymm = this.algBuild.buildAsymm(decode);
        try {
            byte[] pubKeyByCert = buildAsymm.getPubKeyByCert(decode);
            String keyAlg = buildAsymm.getKeyAlg(decode);
            if (i == -1) {
                if (keyAlg.equals(BJCAWirelessInterface.RSA_1024_ALG) || keyAlg.equals(BJCAWirelessInterface.RSA_2048_ALG)) {
                    i2 = 1;
                } else {
                    if (!keyAlg.equals(BJCAWirelessInterface.SM2_256_ALG)) {
                        throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_CRYPT_ERROR, String.valueOf(keyAlg) + " :ALG no found");
                    }
                    i2 = 3;
                }
                buildSign = this.signBuild.buildSign(keyAlg, i2);
            } else {
                buildSign = this.signBuild.buildSign(keyAlg, i);
            }
            return buildSign.verify(bArr, bArr2, pubKeyByCert, z);
        } catch (WSecurityEngineException e) {
            throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.SIGN_VERIFY_INVALID, "验签不成功：" + e);
        }
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifySignedData(String str, byte[] bArr, byte[] bArr2, boolean z) {
        return verifySignedData(str, bArr, bArr2, -1, z);
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifySignedDataPkcs7(String str) {
        throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNIMPL_METHOD, "verifySignedDataPkcs7 no impl");
    }

    @Override // cn.org.bjca.wsecx.outter.WSecXAppInterface
    public boolean verifySignedDataPkcs7(String str, byte[] bArr) {
        throw new WSecurityEngineException(BJCAWirelessInfo.ErrorInfo.UNIMPL_METHOD, "verifySignedDataPkcs7 no impl");
    }
}
