package cn.org.bjca.java.security;

import bjca.org.multi.util.LoggerUtil;
import cn.org.bjca.config.ValueProvider;
import cn.org.bjca.config.XmlConfig;
import cn.org.bjca.exception.InitException;
import cn.org.bjca.exception.VerifySignDataException;
import cn.org.bjca.framework.Log;
import cn.org.bjca.java.utils.CryptoUtil;
import cn.org.bjca.java.utils.FileUtil;
import cn.org.bjca.java.utils.KeyPairUtil;
import cn.org.bjca.java.utils.KeyUtil;
import cn.org.bjca.java.utils.NumberUtil;
import cn.org.bjca.java.utils.Pkcs7Util;
import cn.org.bjca.java.utils.RsaUtil;
import cn.org.bjca.java.utils.SecretUtil;
import cn.org.bjca.java.utils.TimeStampUtil;
import cn.org.bjca.java.utils.TsUtil;
import cn.org.bjca.java.utils.XMLSignUtil;
import cn.org.bjca.security.SecurityUtil;
import cn.org.bjca.security.SuperEngine;
import cn.org.bjca.sign.check.IVerify;
import cn.org.bjca.utils.Base64Util;
import cn.org.bjca.utils.CertificateUtil;
import cn.org.bjca.utils.GetPathUtil;
import cn.org.bjca.utils.HashUtil;
import com.sansec.device.local.WrapCard;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.TreeSet;
import org.bjca.asn1.ASN1InputStream;
import org.bjca.asn1.ASN1Sequence;
import org.bjca.asn1.x509.CertificateList;
import org.bjca.asn1.x509.RSAPublicKeyStructure;
import org.bjca.asn1.x509.X509CertificateStructure;
import org.bjca.asn1.x509.X509Name;
import org.bjca.crypto.params.RSAPrivateCrtKeyParameters;
import org.bjca.jce.JceProperties;
import org.bjca.jce.fastparser.DerUtil;
import org.bjca.jce.interfaces.P11Interface;
import org.bjca.util.MathUtil;
import org.bjca.util.P7bUtil;
import sun.misc.BASE64Decoder;

/* loaded from: classes.dex */
public class SecurityEngine extends Log {
    private String allP7b;
    private Hashtable crlTable;
    private String debug;
    private KeyStore keyStore;
    public int m_Iinitmodel;
    private String m_appName;
    private Properties m_appProhibitsList;
    private ArrayList m_catypeList;
    private String m_container;
    private String m_devType;
    private byte[] m_encryptCertBytes;
    private byte[] m_encryptPfx;
    private String m_keyType;
    private String m_password;
    private int m_policytype;
    private String m_privateDll;
    private String m_provider;
    private byte[] m_signCertBytes;
    private byte[] m_signPfx;
    private String m_uniqidoid;
    private String m_verifyTime;
    private P11Interface p11Impl;
    private HashMap p7Map;
    private RSAPrivateCrtKeyParameters privateCrtKey;
    private PrivateKey privateKey;
    private byte[] privateKeyByte;
    private byte[] purePrivateKey;
    private X509CertificateStructure strcSignCert;
    private ArrayList trustObjectList;

    public SecurityEngine(String str) {
        super(str);
        this.m_Iinitmodel = 3;
        this.debug = "false";
        this.m_container = null;
        this.m_appName = null;
        this.m_devType = null;
        this.m_password = null;
        this.m_keyType = null;
        this.m_provider = null;
        this.m_privateDll = null;
        this.m_policytype = 2;
        this.m_catypeList = null;
        this.trustObjectList = null;
        this.m_appProhibitsList = null;
        this.m_verifyTime = null;
        this.m_uniqidoid = null;
        this.m_signCertBytes = null;
        this.strcSignCert = null;
        this.m_encryptCertBytes = null;
        this.m_encryptPfx = null;
        this.m_signPfx = null;
        this.p7Map = new HashMap();
        this.crlTable = new Hashtable();
    }

    private boolean initSvrCert() {
        GetPathUtil getPathUtil = new GetPathUtil(this.applicationName);
        FileUtil fileUtil = new FileUtil(this.applicationName);
        KeyUtil keyUtil = new KeyUtil(this.applicationName);
        int parseInt = Integer.parseInt(this.m_keyType);
        if (this.m_Iinitmodel == 3) {
            String diskExchPfx = getPathUtil.getDiskExchPfx(this.m_container);
            this.m_encryptCertBytes = fileUtil.readFile(getPathUtil.getDiskExchCert(this.m_container));
            this.m_encryptPfx = fileUtil.readFile(diskExchPfx);
            if (parseInt == 1) {
                this.m_signCertBytes = this.m_encryptCertBytes;
                this.m_signPfx = this.m_encryptPfx;
            } else if (parseInt == 2) {
                String diskSignPfx = getPathUtil.getDiskSignPfx(this.m_container);
                this.m_signCertBytes = fileUtil.readFile(getPathUtil.getDiskSignCert(this.m_container));
                this.m_signPfx = fileUtil.readFile(diskSignPfx);
            }
        } else if (this.m_Iinitmodel == 4 || this.m_Iinitmodel == 6) {
            this.m_encryptCertBytes = fileUtil.readFile(getPathUtil.getDiskExchCert(this.m_container));
            if (parseInt == 1) {
                this.m_signCertBytes = this.m_encryptCertBytes;
            }
            try {
                this.keyStore = KeyStore.getInstance("JKS");
                FileInputStream fileInputStream = new FileInputStream(getPathUtil.getEnciphermentJksPath(this.m_container));
                this.keyStore.load(fileInputStream, this.m_password.toCharArray());
                fileInputStream.close();
                this.privateKey = (PrivateKey) this.keyStore.getKey(this.m_container, this.m_password.toCharArray());
                this.privateKeyByte = this.privateKey.getEncoded();
                this.privateCrtKey = keyUtil.getPrivateKey(this.privateKey);
            } catch (Exception e) {
                errorlog("Exception in initialized server certificate!", e);
                debuglog("Exception in initialized server certificate!");
                throw new InitException("Exception in initialized server certificate!");
            }
        } else if (this.m_Iinitmodel == 5) {
            try {
                if (this.m_provider != null) {
                    debuglog("The p11 Class == " + this.m_provider);
                    this.p11Impl = (P11Interface) Class.forName(this.m_provider).newInstance();
                    this.p11Impl.setProfilePath(GetPathUtil.getBJCAROOT_Path());
                } else {
                    debuglog("The p11 Class is null !!!");
                }
                try {
                    this.m_encryptCertBytes = this.p11Impl.exportUserCertificate(this.m_container, parseInt);
                    if (parseInt == 1) {
                        this.m_signCertBytes = this.m_encryptCertBytes;
                    }
                } catch (Exception e2) {
                    errorlog("Exception in initialized server certificate by p11!", e2);
                    debuglog("Exception in initialized server certificate by p11!");
                    throw new InitException("Exception in initialized server certificate by p11!");
                }
            } catch (Exception e3) {
                errorlog("Exception in initialized p11 interface by java!", e3);
                debuglog("Exception in initialized p11 interface by java!");
                throw new InitException("Exception in initialized p11 interface by java!");
            }
        } else if (this.m_Iinitmodel == 7 || this.m_Iinitmodel == 8) {
            this.m_encryptCertBytes = fileUtil.readFile(getPathUtil.getDiskExchCert(this.m_container));
            if (parseInt == 1) {
                this.m_signCertBytes = this.m_encryptCertBytes;
            }
            this.privateKeyByte = fileUtil.readFile(getPathUtil.getEnciphermentSm2Path(this.m_container));
        }
        this.strcSignCert = new CertificateUtil(this.applicationName).getX509CertStrc(this.m_signCertBytes);
        return true;
    }

    public String BJC_GetUniqIdOidByCAId(String str) {
        return ValueProvider.getTrustCert(str).getProperty("uniqidoid");
    }

    public byte[] createP7DetachedAndTimeStampedData(byte[] bArr) {
        return new Pkcs7Util(this.applicationName).createP7DetachedAndTimeStampedData(bArr, this.m_signCertBytes, this.privateKey);
    }

    public byte[] createTimeStamp(byte[] bArr) {
        return new TimeStampUtil(this.applicationName).timeStampResponseByRequest(bArr, this.m_Iinitmodel, this.strcSignCert, this.privateKey, this.privateKeyByte);
    }

    public String createTimeStampRequest(byte[] bArr, long j) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new TimeStampUtil(this.applicationName).createTimeStampRequest(bArr, this.m_Iinitmodel));
    }

    public byte[] createTimeStampRequest(byte[] bArr, boolean z) {
        return new TimeStampUtil(this.applicationName).createTimeStampRequest(bArr, this.m_Iinitmodel, z);
    }

    public String createTimeStampResponse(String str, boolean z) {
        TimeStampUtil timeStampUtil = new TimeStampUtil(this.applicationName);
        Base64Util base64Util = new Base64Util(this.applicationName);
        return base64Util.BJS_EncodeBase64(timeStampUtil.timeStampResponseByRequest(base64Util.BJS_DecodeBase64(str), z, this.m_Iinitmodel, this.strcSignCert, this.privateKey, this.privateKeyByte, this.p11Impl));
    }

    public String createTsRespByOriginalData(byte[] bArr, boolean z) {
        return new TimeStampUtil(this.applicationName).timeStampResponse(bArr, z, 0L, this.m_Iinitmodel, this.strcSignCert, this.m_signPfx, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateKey, this.privateKeyByte, this.p11Impl);
    }

    public byte[] decodeP7EnvelopedData(byte[] bArr) {
        Pkcs7Util pkcs7Util = new Pkcs7Util(this.applicationName);
        return (this.m_Iinitmodel == 7 || this.m_Iinitmodel == 8) ? pkcs7Util.pkcs7DecodeEnvelope_sm2(bArr, this.privateKeyByte, this.m_encryptCertBytes) : pkcs7Util.BJE_Pkcs7DecodeEnvelope(bArr, this.m_Iinitmodel, this.m_encryptPfx, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.m_encryptCertBytes);
    }

    public String decodeP7SignAndEnvelopeData(String str) {
        return new Pkcs7Util(this.applicationName).BJE_Pkcs7DecodeSignAndEnvelope(str, this.m_Iinitmodel, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.m_encryptCertBytes);
    }

    public String decryptData(String str, String str2, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (i + 2);
        }
        return new String(cryptoUtil.decryptData_3des_ecb(new BASE64Decoder().decodeBuffer(str), new BASE64Decoder().decodeBuffer(str2)));
    }

    public boolean decryptData(String str, InputStream inputStream, OutputStream outputStream, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (i + 2);
        }
        return cryptoUtil.decryptData_3des_ecb(new BASE64Decoder().decodeBuffer(str), inputStream, outputStream);
    }

    public byte[] decryptData(byte[] bArr, byte[] bArr2, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        byte[] bArr3 = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr3[i] = (byte) (i + 2);
        }
        return cryptoUtil.decryptData_3des_ecb(bArr, bArr2);
    }

    public boolean decryptFile(String str, String str2, String str3, long j) {
        return new FileUtil(this.applicationName).BJS_SymmDecFile(str2, str3, new Base64Util(this.applicationName).BJS_DecodeBase64(str), j, 1L);
    }

    public byte[] encodeP7EnvelopedData(String str, byte[] bArr, long j) {
        Pkcs7Util pkcs7Util = new Pkcs7Util(this.applicationName);
        Base64Util base64Util = new Base64Util(this.applicationName);
        CertificateUtil certificateUtil = new CertificateUtil(this.applicationName);
        byte[] BJS_DecodeBase64 = base64Util.BJS_DecodeBase64(str);
        return "ECC".endsWith(certificateUtil.BJC_GetBasicCertInfo(BJS_DecodeBase64, 31L)) ? pkcs7Util.pkcs7EncodeEnvelope_sm2(bArr, BJS_DecodeBase64) : pkcs7Util.BJE_Pkcs7EncodeEnvelope(bArr, BJS_DecodeBase64, j);
    }

    public String encodeP7SignAndEnvelopData(String str, String str2) {
        return new Pkcs7Util(this.applicationName).BJE_Pkcs7EncodeSignAndEnvelope(str2, this.m_Iinitmodel, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, new Base64Util(this.applicationName).BJS_DecodeBase64(str));
    }

    public String encryptDataByteKey(byte[] bArr, String str, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        Base64Util base64Util = new Base64Util(this.applicationName);
        byte[] bArr2 = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr2[i] = (byte) (i + 2);
        }
        return base64Util.BJS_EncodeBase64(cryptoUtil.encryptData_3des_ecb(bArr, str.getBytes()));
    }

    public byte[] encryptDataReByte(String str, String str2, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (i + 2);
        }
        return cryptoUtil.encryptData_3des_ecb(new BASE64Decoder().decodeBuffer(str), str2.getBytes());
    }

    public byte[] encryptDataReByte(byte[] bArr, byte[] bArr2, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        byte[] bArr3 = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr3[i] = (byte) (i + 2);
        }
        return cryptoUtil.encryptData_3des_ecb(bArr, bArr2);
    }

    public String encryptDataStringKey(String str, String str2, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        Base64Util base64Util = new Base64Util(this.applicationName);
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (i + 2);
        }
        return base64Util.BJS_EncodeBase64(cryptoUtil.encryptData_3des_ecb(new BASE64Decoder().decodeBuffer(str), str2.getBytes()));
    }

    public boolean encryptDataStringKey(String str, InputStream inputStream, OutputStream outputStream, long j) {
        CryptoUtil cryptoUtil = new CryptoUtil(this.applicationName);
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (i + 2);
        }
        return cryptoUtil.encryptData_3des_ecb(new BASE64Decoder().decodeBuffer(str), inputStream, outputStream);
    }

    public boolean encryptFile(String str, String str2, String str3, long j) {
        return new FileUtil(this.applicationName).BJS_SymmEncFile(str2, str3, new Base64Util(this.applicationName).BJS_DecodeBase64(str), j, 1L);
    }

    public Object[] generatorKeyPair(int i, int i2) {
        Object[] objArr = (Object[]) null;
        KeyPairUtil keyPairUtil = new KeyPairUtil(this.applicationName);
        if (i != 0) {
            return i == 1 ? new Object[]{keyPairUtil.generatorKeyPair_sm2()} : objArr;
        }
        keyPairUtil.generatorKeyPair(i2);
        return new Object[]{keyPairUtil.getPublicKey(), keyPairUtil.getPrivateKey()};
    }

    public String getAllP7b() {
        return this.allP7b;
    }

    public String getCertInfo(String str, int i) {
        return new CertificateUtil(this.applicationName).BJC_GetBasicCertInfo(new Base64Util(this.applicationName).BJS_DecodeBase64(str), i);
    }

    public String getCertInfoByOid(String str, String str2) {
        return new CertificateUtil(this.applicationName).BJC_GetExtCertInfo(new Base64Util(this.applicationName).BJS_DecodeBase64(str), str2);
    }

    public String getContainer() {
        return this.m_container;
    }

    public byte[] getEncryptCertBytes() {
        return this.m_encryptCertBytes;
    }

    public String getEncryptCertString() {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(this.m_encryptCertBytes);
    }

    public byte[] getEncryptPfx() {
        return this.m_encryptPfx;
    }

    public int getIinitmodel() {
        return this.m_Iinitmodel;
    }

    public String getKeyType() {
        return this.m_keyType;
    }

    public String getP7DetachedAndTimeStampedDataInfo(byte[] bArr, int i) {
        ArrayList p7DetachedAndTimeStampedDataInfo = new Pkcs7Util(this.applicationName).getP7DetachedAndTimeStampedDataInfo(bArr, i);
        if (i < 1 || i >= 5) {
            return null;
        }
        return (String) p7DetachedAndTimeStampedDataInfo.get(i - 1);
    }

    public String getP7SignDataInfo(String str, int i) {
        Base64Util base64Util = new Base64Util(this.applicationName);
        ArrayList p7SignDataInfo = new Pkcs7Util(this.applicationName).getP7SignDataInfo(base64Util.BJS_DecodeBase64(str));
        if (i == 1) {
            return new String((byte[]) p7SignDataInfo.get(i - 1));
        }
        if (i == 2 || i == 3) {
            return base64Util.BJS_EncodeBase64((byte[]) p7SignDataInfo.get(i - 1));
        }
        return null;
    }

    public byte[] getP7SignDataInfo(byte[] bArr, int i) {
        ArrayList p7SignDataInfo = new Pkcs7Util(this.applicationName).getP7SignDataInfo(bArr);
        if (i < 1 || i >= 4) {
            return null;
        }
        return (byte[]) p7SignDataInfo.get(i - 1);
    }

    public String getPassword() {
        return this.m_password;
    }

    public String getPrivateDll() {
        return this.m_privateDll;
    }

    public String getProvider() {
        return this.m_provider;
    }

    public byte[] getRandomByte() {
        return new NumberUtil(this.applicationName).BJK_GenRandomBytes(10);
    }

    public byte[] getRandomByte(int i) {
        return new NumberUtil(this.applicationName).BJK_GenRandomBytes(i);
    }

    public String getRandomString() {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new NumberUtil(this.applicationName).BJK_GenRandomBytes(10));
    }

    public String getRandomString(int i) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new NumberUtil(this.applicationName).BJK_GenRandomBytes(i));
    }

    public byte[] getSignCertBytes() {
        return this.m_signCertBytes;
    }

    public String getSignCertString() {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(this.m_signCertBytes);
    }

    public byte[] getSignPfx() {
        return this.m_signPfx;
    }

    public String getTimeStampInfo(String str, int i) {
        ArrayList timeStampInfo = new TimeStampUtil(this.applicationName).getTimeStampInfo(str, this.m_Iinitmodel);
        if (i < 1 || i >= 5) {
            return null;
        }
        return (String) timeStampInfo.get(i - 1);
    }

    public String getTimeStampInfo(byte[] bArr, int i) {
        ArrayList timeStampInfo = new TimeStampUtil(this.applicationName).getTimeStampInfo(bArr, this.m_Iinitmodel);
        if (i < 1 || i >= 5) {
            return null;
        }
        return (String) timeStampInfo.get(i - 1);
    }

    public String getTotalTsReq(ArrayList arrayList, ArrayList arrayList2, long j) {
        TsUtil tsUtil = new TsUtil(this.applicationName);
        byte[] hashAll = hashAll(arrayList, arrayList2, j);
        return tsUtil.BJT_TSRequest(hashAll, hashAll.length, j);
    }

    public String getXMLSignatureInfo(String str, int i) {
        return new XMLSignUtil(this.applicationName).BJX_getXMLSignatureInfo(str, i);
    }

    public byte[] hashAll(ArrayList arrayList, ArrayList arrayList2, long j) {
        return new HashUtil(this.applicationName).hashAll(arrayList, arrayList2, j);
    }

    public String hashFile(String str, long j) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new HashUtil(this.applicationName).BJS_HashFile(j, str));
    }

    public byte[] hash_byte(byte[] bArr) {
        if (this.m_Iinitmodel != 7 && this.m_Iinitmodel != 8) {
            return new HashUtil(this.applicationName).BJS_HashBytes(0L, bArr);
        }
        try {
            return new WrapCard().sm3(bArr, null, null);
        } catch (Exception e) {
            errorlog("Exception in sm2 signature with hashed Data!", e);
            debuglog("Exception in sm2 signature with hashed Data!", e);
            return null;
        }
    }

    public boolean initP7Cert() {
        String str;
        try {
            FileUtil fileUtil = new FileUtil(this.applicationName);
            Base64Util base64Util = new Base64Util(this.applicationName);
            CertificateUtil certificateUtil = new CertificateUtil(this.applicationName);
            String str2 = new String(fileUtil.readFile(String.valueOf(GetPathUtil.getConfigPath()) + "/Trust/p7b/" + this.applicationName));
            if (str2.substring(0, 1).equals(IVerify.REMOTE) && str2.substring(1, 4).equals("###")) {
                str = new String(SecurityUtil.getInstance().decryptData(MathUtil.conversionKey(base64Util.BJS_DecodeBase64("LjkyMDU2MjA2Ni42MDE3Mjk2NTkwODEy"), certificateUtil.BJC_GetBasicCertInfo(this.m_signCertBytes, 30L).getBytes()), base64Util.BJS_DecodeBase64(str2.substring(4))));
            } else {
                str = new String(decodeP7EnvelopedData(new Base64Util(this.applicationName).BJS_DecodeBase64(str2)));
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str, "###");
            while (stringTokenizer.hasMoreElements()) {
                String obj = stringTokenizer.nextElement().toString();
                X509CertificateStructure[] certChain = P7bUtil.getCertChain(base64Util.BJS_DecodeBase64(obj));
                if (certificateUtil.validateCertChain(certChain, this.m_Iinitmodel)) {
                    int length = certChain.length;
                    int i = 0;
                    while (true) {
                        if (i >= length) {
                            break;
                        }
                        if (certChain[i] == null) {
                            fileUtil.writeFile((String.valueOf(obj) + "###").getBytes(), String.valueOf(GetPathUtil.getConfigPath()) + "/Trust/errorp7");
                            System.out.println("FIND ONE P7 CERT IS NULL!!!, MAYBE THE P7 CERT IS ERROR!!!");
                            debuglog("FIND ONE P7 CERT IS NULL!!!, MAYBE THE P7 CERT IS ERROR!!!");
                            errorlog("FIND ONE P7 CERT IS NULL!!!, MAYBE THE P7 CERT IS ERROR!!!");
                            break;
                        }
                        i++;
                    }
                    if (certChain[0] != null) {
                        this.p7Map.put(certChain[0].getSubject(), certChain[0]);
                    }
                }
            }
            this.allP7b = str;
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            errorlog("Exception in initializing P7 certificate", e);
            debuglog("Exception in initializing P7 certificate");
            return false;
        }
    }

    public boolean initialApp(String str) {
        if (XmlConfig.version == null) {
            XmlConfig.loadConfig();
        }
        setAppValue(str);
        return (this.m_encryptCertBytes == null ? initSvrCert() : false) && initP7Cert();
    }

    public byte[] priKeyDecrypt(byte[] bArr) {
        if (this.m_Iinitmodel != 7 && this.m_Iinitmodel != 8) {
            return new RsaUtil(this.applicationName).BJK_RsaDecrypt(bArr, this.m_Iinitmodel, this.m_keyType, this.m_container, this.m_encryptPfx, this.privateKey, this.p11Impl);
        }
        try {
            return new WrapCard().sm2Decrypt(this.privateKeyByte, bArr);
        } catch (Exception e) {
            errorlog("Exception in sm2 decrypt !", e);
            debuglog("Exception in sm2 decrypt !", e);
            return null;
        }
    }

    public String priKeyDecrypt_OAEP(String str) {
        return new RsaUtil(this.applicationName).BJK_RsaDecrypt_OAEP(str, this.m_Iinitmodel, this.m_keyType, this.m_container, this.m_encryptPfx, this.privateKey, this.p11Impl);
    }

    public byte[] pubKeyEncrypt(byte[] bArr, byte[] bArr2) {
        byte[] sm2Encrypt;
        if ("ECC".endsWith(new CertificateUtil(this.applicationName).BJC_GetBasicCertInfo(bArr, 31L))) {
            try {
                sm2Encrypt = new WrapCard().sm2Encrypt(new CertificateUtil(this.applicationName).getX509CertStrc(bArr), bArr2);
            } catch (Exception e) {
                errorlog("Exception in sm2 encrypt !", e);
                debuglog("Exception in sm2 encrypt !", e);
                return null;
            }
        } else {
            sm2Encrypt = new RsaUtil(this.applicationName).BJK_RsaEncrypt(bArr2, bArr);
        }
        return sm2Encrypt;
    }

    public String pubKeyEncrypt_OAEP(String str, String str2) {
        Base64Util base64Util = new Base64Util(this.applicationName);
        return new RsaUtil(this.applicationName).BJK_RsaEncrypt_OAEP(str2.getBytes(), base64Util.BJS_DecodeBase64(str));
    }

    public String pubKeyEncrypt_OAEP(String str, byte[] bArr) {
        return new RsaUtil(this.applicationName).BJK_RsaEncrypt_OAEP(bArr, new Base64Util(this.applicationName).BJS_DecodeBase64(str));
    }

    public String secretRecovery(String str) {
        return new SecretUtil(this.applicationName).BJ_SecertRecovery(str);
    }

    public String secretSegment(String str, int i, int i2, int i3) {
        return new SecretUtil(this.applicationName).BJ_SecertSegment(str, i, i2, i3);
    }

    public void setAppValue(String str) {
        Properties properties = (Properties) XmlConfig.getListWebapps().get(str);
        this.m_appName = str;
        this.debug = properties.getProperty("debug");
        if ("false".equals(this.debug)) {
            LoggerUtil.setDebug(this.m_appName, "false");
            debuglog("debug log closed!");
        } else if ("true".equals(this.debug)) {
            LoggerUtil.setDebug(this.m_appName, "true");
            debuglog("debug log opened!");
        }
        this.m_container = properties.getProperty("container");
        this.m_password = ((Properties) XmlConfig.getListCerts().get(this.m_container)).getProperty("password");
        this.m_keyType = ((Properties) XmlConfig.getListCerts().get(this.m_container)).getProperty("keytype");
        String property = ((Properties) XmlConfig.getListCerts().get(this.m_container)).getProperty("devicename");
        this.m_devType = ((Properties) XmlConfig.getListDevices().get(property)).getProperty("providertype");
        this.m_Iinitmodel = Integer.parseInt(this.m_devType);
        this.m_provider = ((Properties) XmlConfig.getListDevices().get(property)).getProperty("provider");
        this.m_privateDll = ((Properties) XmlConfig.getListDevices().get(property)).getProperty("privatedll");
        this.m_verifyTime = properties.getProperty("verifytime");
        String property2 = properties.getProperty("policytype");
        if (property2 != null) {
            this.m_policytype = Integer.parseInt(property2);
        }
        this.m_catypeList = ValueProvider.getAllTrustName(str);
        this.trustObjectList = ValueProvider.getAllTrust(str);
        this.m_appProhibitsList = (Properties) ((Properties) XmlConfig.getListWebappsProhibits().get(str)).clone();
        this.m_uniqidoid = properties.getProperty("uniqidoid");
    }

    public String signAll(ArrayList arrayList, ArrayList arrayList2, long j) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new RsaUtil(this.applicationName).BJK_RsaSignNoHash(hashAll(arrayList, arrayList2, j), j, this.m_Iinitmodel, this.m_signPfx, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte, this.purePrivateKey));
    }

    public byte[] signData(byte[] bArr, long j) {
        if (this.m_Iinitmodel != 7 && this.m_Iinitmodel != 8) {
            return new RsaUtil(this.applicationName).BJK_RsaSignNoHash(bArr, j, this.m_Iinitmodel, this.m_signPfx, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte, this.purePrivateKey);
        }
        try {
            return new WrapCard().sm3WithSM2Sign(bArr, this.strcSignCert, this.privateKeyByte);
        } catch (Exception e) {
            errorlog("Exception in sm2 signature !", e);
            debuglog("Exception in sm2 signature !", e);
            return null;
        }
    }

    public String signDataPkcs7(byte[] bArr, long j) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new Pkcs7Util(this.applicationName).BJE_Pkcs7Sign(bArr, j, this.m_Iinitmodel, this.m_signPfx, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte, true));
    }

    public String signDataPkcs7Base64(String str, long j) {
        Pkcs7Util pkcs7Util = new Pkcs7Util(this.applicationName);
        Base64Util base64Util = new Base64Util(this.applicationName);
        return base64Util.BJS_EncodeBase64(pkcs7Util.BJE_Pkcs7Sign(base64Util.BJS_DecodeBase64(str), j, this.m_Iinitmodel, this.m_signPfx, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte, true));
    }

    public String signDataPkcs7_detach(byte[] bArr, long j) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new Pkcs7Util(this.applicationName).BJE_Pkcs7Sign(bArr, j, this.m_Iinitmodel, this.m_signPfx, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte, false));
    }

    public String signDataPkcs7_file_detach(String str, long j) {
        return new Pkcs7Util(this.applicationName).BJE_Pkcs7Sign_file_detach(str, j, this.m_Iinitmodel, this.m_signPfx, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte);
    }

    public String signDataXML(String str, long j) {
        return new XMLSignUtil(this.applicationName).BJX_SignedDataXML_Sign(this, str, j, this.m_Iinitmodel, this.m_signPfx, this.m_keyType, this.m_container, this.privateKey, this.p11Impl, this.privateKeyByte, this.purePrivateKey);
    }

    public String signFile(InputStream inputStream, long j) {
        return new RsaUtil(this.applicationName).BJK_RsaSign_File(inputStream, j, this.m_Iinitmodel, this.m_signPfx, this.m_keyType, this.m_container, this.privateKey, this.p11Impl);
    }

    public String signFile(String str, long j) {
        return new RsaUtil(this.applicationName).BJK_RsaSign_File(str, j, this.m_Iinitmodel, this.m_signPfx, this.m_keyType, this.m_container, this.privateKey, this.p11Impl);
    }

    public byte[] signHashDataPkcs1(byte[] bArr) {
        RsaUtil rsaUtil = new RsaUtil(this.applicationName);
        if (this.m_Iinitmodel != 7 && this.m_Iinitmodel != 8) {
            return rsaUtil.signHashData(bArr, this.m_Iinitmodel, this.m_keyType, this.m_container, this.privateCrtKey, this.p11Impl, this.privateKeyByte);
        }
        try {
            return new WrapCard().sm2SignWithHashedData(bArr, this.privateKeyByte);
        } catch (Exception e) {
            errorlog("Exception in sm2 signature with hashed Data!", e);
            debuglog("Exception in sm2 signature with hashed Data!", e);
            return null;
        }
    }

    public byte[] signHashedDataPkcs7_detach(byte[] bArr, long j) {
        return new Pkcs7Util(this.applicationName).signHashedDataByP7Detach(bArr, this.m_Iinitmodel, this.m_signCertBytes, this.m_keyType, this.m_container, this.privateCrtKey);
    }

    public int validateCert(String str) {
        return new CertificateUtil(this.applicationName).verifyCertificate(new Base64Util(this.applicationName).BJS_DecodeBase64(str), this.m_Iinitmodel, this.p7Map, this.crlTable, this.m_verifyTime, this.m_policytype, this.m_catypeList, this.m_appProhibitsList, this.m_uniqidoid);
    }

    public void verifyCRL() {
        CertificateUtil certificateUtil = new CertificateUtil(this.applicationName);
        HashMap hashMap = (HashMap) this.p7Map.clone();
        Hashtable hashtable = (Hashtable) SuperEngine.listCrl.clone();
        Hashtable hashtable2 = (Hashtable) SuperEngine.listCrlSn.clone();
        for (X509Name x509Name : hashMap.keySet()) {
            X509CertificateStructure x509CertificateStructure = (X509CertificateStructure) hashMap.get(x509Name);
            CertificateList certificateList = (CertificateList) hashtable.get(x509Name);
            if (certificateList != null) {
                boolean isCRLValid = certificateUtil.isCRLValid(certificateList, x509CertificateStructure);
                debuglog(String.valueOf(x509Name.toString()) + " CRL verification result == " + isCRLValid);
                if (isCRLValid) {
                    this.crlTable.put(x509Name, (TreeSet) hashtable2.get(x509Name));
                } else {
                    errorlog(String.valueOf(x509Name.toString()) + " crl is invalid !!!, need to update crl again!!!");
                    System.out.println(String.valueOf(x509Name.toString()) + " CRL IS INVALID!!! MUST UPDATE THE CRL AGAIN!!!");
                }
            } else {
                debuglog(String.valueOf(x509Name.toString()) + " CRL IS NULL !");
                System.out.println(String.valueOf(x509Name.toString()) + " CRL IS NULL !");
            }
        }
    }

    public int verifyP7DetachedAndTimeStampedData(byte[] bArr) {
        return new Pkcs7Util(this.applicationName).verifyP7DetachedAndTimeStampedData(bArr);
    }

    public boolean verifySignAll(ArrayList arrayList, ArrayList arrayList2, String str, String str2, long j) {
        Base64Util base64Util = new Base64Util(this.applicationName);
        return new RsaUtil(this.applicationName).BJK_RsaVerifyNoHash(hashAll(arrayList, arrayList2, j), base64Util.BJS_DecodeBase64(str2), base64Util.BJS_DecodeBase64(str), j);
    }

    public boolean verifySignatureByHashedData(String str, byte[] bArr, byte[] bArr2) {
        Base64Util base64Util = new Base64Util(this.applicationName);
        RsaUtil rsaUtil = new RsaUtil(this.applicationName);
        CertificateUtil certificateUtil = new CertificateUtil(this.applicationName);
        byte[] BJS_DecodeBase64 = base64Util.BJS_DecodeBase64(str);
        String BJC_GetBasicCertInfo = certificateUtil.BJC_GetBasicCertInfo(BJS_DecodeBase64, 31L);
        X509CertificateStructure x509CertStrc = certificateUtil.getX509CertStrc(BJS_DecodeBase64);
        if (!"ECC".endsWith(BJC_GetBasicCertInfo)) {
            return rsaUtil.verifySignHashedData(bArr, bArr2, x509CertStrc);
        }
        try {
            return new WrapCard().vefiySm2SignWithHashedData(bArr, x509CertStrc, bArr2);
        } catch (Exception e) {
            errorlog("Exception in sm2 signature with hashed Data!", e);
            debuglog("Exception in sm2 signature with hashed Data!", e);
            throw new VerifySignDataException("Exception in sm2 signature with hashed Data!");
        }
    }

    public boolean verifySignedData(byte[] bArr, byte[] bArr2, String str, long j) {
        Base64Util base64Util = new Base64Util(this.applicationName);
        CertificateUtil certificateUtil = new CertificateUtil(this.applicationName);
        byte[] BJS_DecodeBase64 = base64Util.BJS_DecodeBase64(str);
        if (!"ECC".endsWith(certificateUtil.BJC_GetBasicCertInfo(BJS_DecodeBase64, 31L))) {
            return new RsaUtil(this.applicationName).BJK_RsaVerifyNoHash(bArr, bArr2, base64Util.BJS_DecodeBase64(str), j);
        }
        try {
            return new WrapCard().vefiySM3WithSM2Sign(bArr, new X509CertificateStructure((ASN1Sequence) DerUtil.writeBytesToDERObj(BJS_DecodeBase64)), bArr2);
        } catch (Exception e) {
            errorlog("Exception in sm2 verify signature !", e);
            debuglog("Exception in sm2 verify signature !", e);
            throw new VerifySignDataException("Exception in sm2 verify signature");
        }
    }

    public boolean verifySignedData(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        if (bArr3.length == 64) {
            try {
                return new WrapCard().vefiySM3WithSM2Sign(bArr, bArr3, bArr2);
            } catch (Exception e) {
                errorlog("Exception in sm2 verify signature !", e);
                debuglog("Exception in sm2 verify signature !", e);
                throw new VerifySignDataException("Exception in sm2 verify signature");
            }
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(JceProperties.BCA_RSA);
            RSAPublicKeyStructure rSAPublicKeyStructure = new RSAPublicKeyStructure((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr3)).readObject());
            return new RsaUtil(this.applicationName).BJK_RsaVerifyNoHash(bArr, bArr2, keyFactory.generatePublic(new RSAPublicKeySpec(rSAPublicKeyStructure.getModulus(), rSAPublicKeyStructure.getPublicExponent())));
        } catch (Exception e2) {
            errorlog("Exception in rsa verify signature !", e2);
            debuglog("Exception in rsa verify signature !", e2);
            throw new VerifySignDataException("Exception in rsa verify signature");
        }
    }

    public boolean verifySignedDataPkcs7(String str) {
        return new Pkcs7Util(this.applicationName).BJE_Pkcs7Verify(null, str);
    }

    public boolean verifySignedDataXML(String str, long j) {
        return new XMLSignUtil(this.applicationName).BJX_SignedDataXML_Verify(str, j);
    }

    public boolean verifySignedFile(String str, InputStream inputStream, String str2, long j) {
        return new RsaUtil(this.applicationName).BJK_RsaVerify_File(inputStream, str2, str, j);
    }

    public boolean verifySignedFile(String str, String str2, String str3, long j) {
        return new RsaUtil(this.applicationName).BJK_RsaVerify_File(str2, str3, str, j);
    }

    public String verifySignedP7Data_detach(byte[] bArr, String str) {
        return new Base64Util(this.applicationName).BJS_EncodeBase64(new Pkcs7Util(this.applicationName).BJE_Pkcs7Verify_reCert(bArr, str));
    }

    public String verifySignedP7Data_detach_hash(byte[] bArr, String str) {
        return new Pkcs7Util(this.applicationName).BJE_Pkcs7Verify_byHash_reCert(bArr, str);
    }

    public boolean verifySignedP7Data_file_detach(String str, String str2) {
        return new Pkcs7Util(this.applicationName).BJE_Pkcs7_file_Verify(str, str2);
    }

    public boolean verifyTimeStamp(String str, String str2, byte[] bArr, long j) {
        return new TimeStampUtil(this.applicationName).verifyTimeStamp(str, str2, bArr, this.m_Iinitmodel);
    }

    public boolean verifyTimeStamp(byte[] bArr, byte[] bArr2) {
        return new TimeStampUtil(this.applicationName).verifyTimeStamp(bArr, bArr2, this.m_Iinitmodel);
    }
}
