package com.icinfo.jxsb.certificate;

import android.os.RemoteException;
import android.util.Log;
import cn.com.chinatelecom.ctpass.aidl.UDunCallback;
import cn.com.chinatelecom.ctpass.aidl.UDunKeyPair;
import cn.com.chinatelecom.ctpass.service.CTPassServiceWrapper;
import com.icinfo.jxsb.utils.DesEncryptWithIv;
import com.icinfo.jxsb.utils.HexStringConvert;
import com.icinfo.jxsb.utils.HxStringUtils;
import com.tencent.connect.common.Constants;
import com.umeng.socialize.sso.UMSsoHandler;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.cxf.helpers.IOUtils;
import org.apache.cxf.io.CachedOutputStream;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class CertificateUtilImpl implements CertificateUtil {
    private static final String CONTENT_CHARSET = "UTF-8";
    private static final String TAG = "com.icinfo.jxsb.certificate.CertificateUtilImpl";
    private static CertificateUtil c = null;
    private static CTPassServiceWrapper ctpassServiceWrapper;
    private String cardNo;
    private String certPwd;
    Map<String, String> paramMap = new HashMap();
    private UDunCallback.Stub genSignCallBack = new UDunCallback.Stub() { // from class: com.icinfo.jxsb.certificate.CertificateUtilImpl.1
        @Override // cn.com.chinatelecom.ctpass.aidl.UDunCallback
        public void callBack(int i, String str, String str2) throws RemoteException {
            Log.d(CertificateUtilImpl.TAG, "genSignCallBack CTPassid:" + str);
            if (i != 200) {
                Log.d(CertificateUtilImpl.TAG, "genSignCallBack 生成签名密钥对失败:" + str2);
                return;
            }
            Log.d(CertificateUtilImpl.TAG, "genSignCallBack 生成签名密钥对成功:" + str2);
            try {
                CertificateUtilImpl.this.genKeyPairAndDownloadCert(CertificateUtilImpl.this.cardNo, CertificateUtilImpl.this.certPwd, null);
            } catch (Exception e) {
                Log.d(CertificateUtilImpl.TAG, "生成密钥对之后下载证书失败:" + e.getMessage());
            }
        }
    };

    private String doGetNoSignRequest(String str, String str2, Map<String, String> map) throws Exception {
        map.put("publicKeyHexStr", str2);
        String str3 = String.valueOf(str) + "/rs/jxsb/jxsbCertService/jxsbCertDownloadForCTGenRequest";
        Log.d(TAG, "证书请求生成地址: " + str3);
        Log.d(TAG, "证书请求生成参数: " + toJsonDES(map));
        String postRequest = postRequest(str3, toJsonDES(map), "UTF-8");
        Log.d(TAG, "证书请求生成参数返回值: " + postRequest);
        return postRequest;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String genKeyPairAndDownloadCert(String str, String str2, String str3) throws Exception {
        Log.d(TAG, "genKeyPairAndDownloadCert-生成签名密钥对并下载证书 ");
        if (!isExistKeyPair(str)) {
            ctpassServiceWrapper.getServiceAIDL().genSignKeyPair(str, 1, str2, this.genSignCallBack);
            return returnJsonString("1", "", "密钥对生成成功", "");
        }
        byte[] readPublicKey = ctpassServiceWrapper.getServiceAIDL().readPublicKey(str, ctpassServiceWrapper.getLogCallBack());
        Log.d(TAG, "公钥二进制长度:" + readPublicKey.length);
        Log.d(TAG, "十六进制公钥:" + HexStringConvert.parseByte2HexStr(readPublicKey));
        JSONObject jSONObject = new JSONObject(doGetNoSignRequest(str3, HexStringConvert.parseByte2HexStr(readPublicKey), this.paramMap)).getJSONObject("detail");
        Map<String, String> map = this.paramMap;
        map.put("noSignReq", jSONObject.getString("noSignReq"));
        String string = jSONObject.getString("noSignReqSHA1");
        Log.d(TAG, "待签名值 " + string);
        Log.d(TAG, "待签名值长度： " + string.length());
        String RSASign = ctpassServiceWrapper.getServiceAIDL().RSASign(string, str, 1, str2, ctpassServiceWrapper.getLogCallBack());
        Log.d(TAG, "十六进制签名值 " + RSASign);
        map.put("signData", RSASign);
        String str4 = String.valueOf(str3) + "/rs/jxsb/jxsbCertService/jxsbCertDownloadForCT";
        Log.d(TAG, "证书下载地址 " + str4);
        Log.d(TAG, "证书下载参数 " + toJsonDES(this.paramMap));
        String postRequest = postRequest(str4, toJsonDES(this.paramMap), "UTF-8");
        JSONObject jSONObject2 = new JSONObject(postRequest);
        if (!"0".equals(jSONObject2.getString("status"))) {
            return postRequest;
        }
        String writeCerToCT = writeCerToCT(str, str2, jSONObject2.getString("detail"));
        Log.d(TAG, writeCerToCT);
        return writeCerToCT;
    }

    public static CertificateUtil getInstance(CTPassServiceWrapper cTPassServiceWrapper) {
        if (c == null) {
            c = new CertificateUtilImpl();
            ctpassServiceWrapper = cTPassServiceWrapper;
        }
        return c;
    }

    private static String getStringFromInputStream(InputStream inputStream) throws Exception {
        CachedOutputStream cachedOutputStream = new CachedOutputStream();
        IOUtils.copy(inputStream, cachedOutputStream);
        inputStream.close();
        cachedOutputStream.close();
        return cachedOutputStream.getOut().toString();
    }

    private boolean isExistKeyPair(String str) throws Exception {
        Log.d(TAG, "showCTKeyPair-获取CT卡中的证书信息 ");
        Iterator<UDunKeyPair> it = ctpassServiceWrapper.getServiceAIDL().readKeyPair(ctpassServiceWrapper.getLogCallBack()).iterator();
        while (it.hasNext()) {
            if (str.equals(it.next().keyPairName)) {
                return true;
            }
        }
        return false;
    }

    private static String postRequest(String str, String str2, String str3) {
        String str4;
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
                httpURLConnection.setRequestMethod(Constants.HTTP_POST);
                httpURLConnection.setRequestProperty("content-type", "text/html");
                httpURLConnection.setDoOutput(true);
                httpURLConnection.setConnectTimeout(1000000);
                httpURLConnection.setReadTimeout(2000000);
                httpURLConnection.getOutputStream().write(str2.getBytes(str3));
                httpURLConnection.getOutputStream().flush();
                httpURLConnection.getOutputStream().close();
                str4 = getStringFromInputStream(httpURLConnection.getInputStream());
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
            } catch (Exception e) {
                e.printStackTrace();
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                str4 = null;
            }
            return str4;
        } catch (Throwable th) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }

    private String returnJsonString(String str, String str2, String str3, String str4) {
        HashMap hashMap = new HashMap();
        hashMap.put("status", str);
        hashMap.put("eCode", str2);
        hashMap.put("eMsg", str3);
        hashMap.put("detail", str4);
        return new JSONObject(hashMap).toString();
    }

    private String toJsonDES(Map<String, String> map) throws Exception {
        return new DesEncryptWithIv("674542BC", "789864WZ").encode(new JSONObject(map).toString());
    }

    private String writeCerToCT(String str, String str2, String str3) throws Exception {
        byte[] parseHexStr2Byte = HexStringConvert.parseHexStr2Byte(str3);
        Log.d(TAG, "要写入的证书信息十六进制)\n" + str3);
        return ctpassServiceWrapper.getServiceAIDL().writeCer(this.cardNo, parseHexStr2Byte, str2, ctpassServiceWrapper.getLogCallBack()) ? returnJsonString("0", "", "证书写入成功", "") : returnJsonString("-1", "8004", "证书写入失败！", "");
    }

    @Override // com.icinfo.jxsb.certificate.CertificateUtil
    public String deleteKeyPair(String str, String str2) {
        if (1 != ctpassServiceWrapper.getCardState()) {
            return returnJsonString("-1", "8003", "机卡通道不通", null);
        }
        try {
            ctpassServiceWrapper.getServiceAIDL().deleteKeyPair(str, str2, ctpassServiceWrapper.getLogCallBack());
            return returnJsonString("1", "", "密钥对删除成功", "");
        } catch (RemoteException e) {
            return returnJsonString("-1", "", "密钥对删除失败", e.getMessage());
        }
    }

    @Override // com.icinfo.jxsb.certificate.CertificateUtil
    public String jxsbCertDownload(String str, String str2, String str3, String str4, String str5) {
        if (HxStringUtils.isBlank(str3) || str3.length() < 6) {
            return returnJsonString("-1", "8001", "证书密码小于6位或为空！", null);
        }
        if (HxStringUtils.isBlank(str) || HxStringUtils.isBlank(str2) || HxStringUtils.isBlank(str4) || HxStringUtils.isBlank(str5)) {
            return returnJsonString("-1", "8002", "参数不能为空[cityCardNo,servicePassword,certPassword,appKey,interfaceAddr]！", null);
        }
        this.cardNo = str;
        this.certPwd = str3;
        if (1 != ctpassServiceWrapper.getCardState()) {
            return returnJsonString("-1", "8003", "机卡通道不通", null);
        }
        this.paramMap.put("cardNo", str);
        this.paramMap.put("servicePwd", str2);
        this.paramMap.put(UMSsoHandler.APPKEY, str4);
        this.paramMap.put("certPwd", str3);
        try {
            return genKeyPairAndDownloadCert(str, str3, str5);
        } catch (Exception e) {
            return returnJsonString("-1", "8003", "下载证书失败", e.getMessage());
        }
    }

    @Override // com.icinfo.jxsb.certificate.CertificateUtil
    public String jxsbCertSign(String str, String str2, String str3) {
        String returnJsonString;
        if (HxStringUtils.isBlank(str) || HxStringUtils.isBlank(str2) || HxStringUtils.isBlank(str3)) {
            return returnJsonString("-1", "8001", "参数不能为空[cityCardNo,originalHash,certPassword]！", null);
        }
        try {
            Log.d(TAG, "待签名hash值:" + str2);
            String RSASign = ctpassServiceWrapper.getServiceAIDL().RSASign(str2, str, 1, str3, ctpassServiceWrapper.getLogCallBack());
            if (HxStringUtils.isBlank(RSASign)) {
                returnJsonString = returnJsonString("-1", "9001", "证书签名失败", "签名返回值为空");
            } else {
                Log.d(TAG, "签名值:" + RSASign);
                Log.d(TAG, "十六进制公钥:" + HexStringConvert.parseByte2HexStr(ctpassServiceWrapper.getServiceAIDL().readPublicKey(str, ctpassServiceWrapper.getLogCallBack())));
                returnJsonString = returnJsonString("0", "", "", RSASign);
            }
            return returnJsonString;
        } catch (Exception e) {
            e.printStackTrace();
            return returnJsonString("-1", "9001", "证书签名失败", e.getMessage());
        }
    }
}
