package com.zhulong.ZLCAUtil.utils;

import android.content.Context;
import android.util.Log;
import cn.esa.topesa.CertApiException;
import cn.esa.topesa.CertSet;
import cn.esa.topesa.CertStore;
import cn.esa.topesa.Certificate;
import cn.esa.topesa.Pkcs7;
import cn.esa.topesa.TCA;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonSyntaxException;
import com.zhulong.ZLCAUtil.constant.Constant;
import com.zhulong.ZLCAUtil.downloadCert.DownLoadBeans;
import com.zhulong.ZLCAUtil.interfaces.RequestCACertificateBySerialNumberListener;
import com.zhulong.ZLCAUtil.interfaces.RequestCertListListener;
import com.zhulong.ZLCAUtil.interfaces.RequestCertListValidityListener;
import com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener;
import com.zhulong.ZLCAUtil.interfaces.RequestCsrListener;
import com.zhulong.ZLCAUtil.interfaces.RequestEncryptP7Listener;
import com.zhulong.ZLCAUtil.interfaces.RequestP7DecListener;
import com.zhulong.ZLCAUtil.interfaces.RequestRawDecListener;
import com.zhulong.ZLCAUtil.interfaces.RequestRawEncListener;
import com.zhulong.ZLCAUtil.interfaces.RequestSignRawListener;
import com.zhulong.ZLCAUtil.interfaces.RequestSingP7Listener;
import com.zhulong.ZLCAUtil.models.CACertificate;
import com.zhulong.ZLCAUtil.models.CsrBean;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Date;
import java.util.List;

/* loaded from: classes2.dex */
public class TianweiUtils {
    private static TianweiUtils tianweiUtils = new TianweiUtils();

    private TianweiUtils() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void downloadNet(final int i, final String str, final String str2, final String str3, final String str4, final RequestCertificateModelListener requestCertificateModelListener) {
        new Thread(new Runnable() { // from class: com.zhulong.ZLCAUtil.utils.TianweiUtils.5
            @Override // java.lang.Runnable
            public void run() {
                try {
                    String str5 = "http://111.206.219.82:8081/cert/api/cert/new/download?changShang_Type_Id=" + i + "&phone_num=" + str + "&userCode=" + str2 + "&pin=" + str3 + "&certReqBuf=" + URLEncoder.encode(str4, "utf-8");
                    String doGet = HttpUtils.doGet(str5);
                    Log.e("ceshi", str5);
                    Log.e("ceshi", doGet);
                    DownLoadBeans downLoadBeans = (DownLoadBeans) new Gson().fromJson(doGet, DownLoadBeans.class);
                    if (downLoadBeans == null) {
                        requestCertificateModelListener.failed();
                        Log.e(Constant.TAG, "证书下载失败" + doGet);
                    } else if (downLoadBeans.getCode() == 1000) {
                        TianweiUtils.this.installCertTianWei(downLoadBeans.getData().getChangShangType(), downLoadBeans.getData().getCert(), requestCertificateModelListener);
                    } else {
                        Log.e(Constant.TAG, "下载失败" + downLoadBeans.getMsg());
                        requestCertificateModelListener.failed();
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        }).start();
    }

    public static TianweiUtils getInstance() {
        return tianweiUtils;
    }

    public void P7DecTianWei(CACertificate cACertificate, String str, String str2, RequestP7DecListener requestP7DecListener) {
        try {
            Certificate cert = cACertificate.getCert();
            Pkcs7 pkcs7 = new Pkcs7(android.util.Base64.decode(str, 2));
            if (!pkcs7.getEncCert().serialNumber().equalsIgnoreCase(cert.serialNumber())) {
                Log.e(Constant.TAG, "解密失败，当前选择证书与加密所用证书不一致");
                requestP7DecListener.failed();
            }
            if (!verifyPINTianWei(cACertificate, str2)) {
                Log.e(Constant.TAG, "证书PIN码验证失败");
                requestP7DecListener.failed();
            }
            byte[] decryptMessage = pkcs7.decryptMessage(cert);
            if (decryptMessage == null) {
                Log.e(Constant.TAG, "解密失败");
                requestP7DecListener.failed();
                return;
            }
            Log.e(Constant.TAG, "解密成功，原文：" + new String(decryptMessage));
            requestP7DecListener.success(new String(decryptMessage));
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "解密失败，错误码 ：" + e.getMessage());
            e.printStackTrace();
            requestP7DecListener.failed();
        }
    }

    public void P7EncTianWei(CACertificate cACertificate, String str, RequestEncryptP7Listener requestEncryptP7Listener) {
        try {
            String encodeToString = android.util.Base64.encodeToString(cACertificate.getCert().encryptP7(str.getBytes("UTF-8")), 2);
            Log.e(Constant.TAG, "加密成功" + encodeToString);
            requestEncryptP7Listener.success(encodeToString);
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "加密失败，错误码 ：" + e.getMessage());
            e.printStackTrace();
            requestEncryptP7Listener.failed();
        } catch (UnsupportedEncodingException e2) {
            Log.e(Constant.TAG, "加密失败，编解码异常");
            e2.printStackTrace();
            requestEncryptP7Listener.failed();
        }
    }

    public void RawEncTianWei(CACertificate cACertificate, String str, RequestRawEncListener requestRawEncListener) {
        try {
            String encodeToString = android.util.Base64.encodeToString(cACertificate.getCert().encryptRaw(str.getBytes("UTF-8")), 2);
            Log.e(Constant.TAG, "加密成功" + encodeToString);
            requestRawEncListener.success(encodeToString);
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "加密失败，错误码 ：" + e.getMessage());
            e.printStackTrace();
            requestRawEncListener.failed();
        } catch (UnsupportedEncodingException e2) {
            Log.e(Constant.TAG, "加密失败，编解码异常");
            e2.printStackTrace();
            requestRawEncListener.failed();
        }
    }

    public void certListTianWei(final List<CACertificate> list, int i, RequestCertListListener requestCertListListener) {
        try {
            CertSet listAllCerts = CertStore.listAllCerts();
            if (listAllCerts.size() == 0) {
                Log.e(Constant.TAG, "本地没有证书");
                requestCertListListener.listNull();
                return;
            }
            for (int i2 = 0; i2 < listAllCerts.size(); i2++) {
                CACertificateModelUtils.getInstance().certificateModel(i, listAllCerts.get(i2), new RequestCertificateModelListener() { // from class: com.zhulong.ZLCAUtil.utils.TianweiUtils.1
                    @Override // com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener
                    public void failed() {
                    }

                    @Override // com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener
                    public void success(CACertificate cACertificate) {
                        list.add(cACertificate);
                    }
                });
            }
            Log.e(Constant.TAG, "获取证书列表成功---" + list.size());
            requestCertListListener.success(list);
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "获取证书列表失败");
            e.printStackTrace();
            requestCertListListener.failed();
        }
    }

    public void certListValidityTianWei(final List<CACertificate> list, int i, Date date, RequestCertListValidityListener requestCertListValidityListener) {
        try {
            CertSet listAllCerts = CertStore.listAllCerts();
            if (listAllCerts.size() == 0) {
                Log.e(Constant.TAG, "本地没有证书");
                requestCertListValidityListener.failed();
                return;
            }
            for (int i2 = 0; i2 < listAllCerts.size(); i2++) {
                Certificate certificate = listAllCerts.get(i2);
                if (date.after(certificate.notBefore()) && date.before(certificate.notAfter())) {
                    CACertificateModelUtils.getInstance().certificateModel(i, certificate, new RequestCertificateModelListener() { // from class: com.zhulong.ZLCAUtil.utils.TianweiUtils.2
                        @Override // com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener
                        public void failed() {
                        }

                        @Override // com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener
                        public void success(CACertificate cACertificate) {
                            list.add(cACertificate);
                        }
                    });
                }
            }
            Log.e(Constant.TAG, "获取证书列表成功---" + list.size());
            requestCertListValidityListener.success(list);
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "获取证书列表失败");
            e.printStackTrace();
            requestCertListValidityListener.failed();
        }
    }

    public void downloadCertTianWei(final int i, final String str, final String str2, final String str3, final RequestCertificateModelListener requestCertificateModelListener) {
        getTianWeiCsr(i, str, str2, new RequestCsrListener() { // from class: com.zhulong.ZLCAUtil.utils.TianweiUtils.4
            @Override // com.zhulong.ZLCAUtil.interfaces.RequestCsrListener
            public void failed() {
                requestCertificateModelListener.failed();
            }

            @Override // com.zhulong.ZLCAUtil.interfaces.RequestCsrListener
            public void success(String str4) {
                CsrBean csrBean = (CsrBean) new Gson().fromJson(str4, CsrBean.class);
                if (csrBean.getData().getTianwei_csr() != null) {
                    TianweiUtils.this.downloadNet(i, str3, str, str2, csrBean.getData().getTianwei_csr(), requestCertificateModelListener);
                } else {
                    Log.e(Constant.TAG, "生成csr失败");
                    requestCertificateModelListener.failed();
                }
            }
        });
    }

    public void getCACertificateBySerialNumberTianWei(int i, String str, final RequestCACertificateBySerialNumberListener requestCACertificateBySerialNumberListener) {
        try {
            CertSet listAllCerts = CertStore.listAllCerts();
            if (listAllCerts.size() == 0) {
                Log.e(Constant.TAG, "本地没有证书");
                requestCACertificateBySerialNumberListener.failed();
                return;
            }
            for (int i2 = 0; i2 < listAllCerts.size(); i2++) {
                if (listAllCerts.get(i2).serialNumber().equals(str)) {
                    Log.e(Constant.TAG, "获取证书成功");
                    CACertificateModelUtils.getInstance().certificateModel(i, listAllCerts.get(i2), new RequestCertificateModelListener() { // from class: com.zhulong.ZLCAUtil.utils.TianweiUtils.3
                        @Override // com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener
                        public void failed() {
                            requestCACertificateBySerialNumberListener.failed();
                        }

                        @Override // com.zhulong.ZLCAUtil.interfaces.RequestCertificateModelListener
                        public void success(CACertificate cACertificate) {
                            requestCACertificateBySerialNumberListener.success(cACertificate);
                        }
                    });
                }
            }
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "获取证书失败");
            e.printStackTrace();
            requestCACertificateBySerialNumberListener.failed();
        }
    }

    public void getCertBase64() {
    }

    public void getTianWeiCsr(int i, String str, String str2, RequestCsrListener requestCsrListener) {
        try {
            String base64 = CertStore.byName("default").genCsr("SM2", str2).toBase64();
            Log.e(Constant.TAG, "生成的CSR: " + base64);
            CsrBean csrBean = new CsrBean();
            csrBean.setCa_type(i);
            csrBean.getClass();
            CsrBean.DataBean dataBean = new CsrBean.DataBean();
            dataBean.setTianwei_csr(base64);
            csrBean.setData(dataBean);
            Gson create = new GsonBuilder().disableHtmlEscaping().create();
            Log.e(Constant.TAG, "生成CSR成功" + create.toJson(csrBean));
            requestCsrListener.success(create.toJson(csrBean));
        } catch (JsonSyntaxException e) {
            e.printStackTrace();
            Log.e(Constant.TAG, "json转换异常");
            requestCsrListener.failed();
        } catch (CertApiException e2) {
            e2.printStackTrace();
            Log.e("=====", "生成CSR错误: " + e2.getMessage());
            requestCsrListener.failed();
        }
    }

    public void initTianWei(Context context, String str) {
        try {
            TCA.config(str, context);
            Log.e(Constant.TAG, "天威证书SDK初始化成功");
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "天威证书SDK初始化失败");
            e.printStackTrace();
        }
    }

    public void installCertTianWei(int i, String str, RequestCertificateModelListener requestCertificateModelListener) {
        try {
            Log.e(Constant.TAG, str);
            Certificate certificate = new Certificate(str);
            CertStore.installCert(certificate);
            Log.e(Constant.TAG, "安装证书成功");
            CACertificateModelUtils.getInstance().certificateModel(i, certificate, requestCertificateModelListener);
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "安装证书失败");
            e.printStackTrace();
            requestCertificateModelListener.failed();
        }
    }

    public void rawDecTianWei(CACertificate cACertificate, String str, String str2, RequestRawDecListener requestRawDecListener) {
        try {
            Certificate cert = cACertificate.getCert();
            byte[] decode = android.util.Base64.decode(str, 2);
            if (!verifyPINTianWei(cACertificate, str2)) {
                Log.e(Constant.TAG, "证书PIN码验证失败");
                requestRawDecListener.failed();
            }
            byte[] decryptRaw = cert.decryptRaw(decode);
            if (decryptRaw == null) {
                Log.e(Constant.TAG, "解密失败");
                requestRawDecListener.failed();
                return;
            }
            Log.e(Constant.TAG, "解密成功，原文：" + new String(decryptRaw));
            requestRawDecListener.success(new String(decryptRaw));
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "解密失败，错误码 ：" + e.getMessage());
            e.printStackTrace();
            requestRawDecListener.failed();
        }
    }

    public void signRawTianWei(CACertificate cACertificate, String str, String str2, RequestSignRawListener requestSignRawListener) {
        try {
            Certificate cert = cACertificate.getCert();
            byte[] bytes = str.getBytes("UTF-8");
            if (!verifyPINTianWei(cACertificate, str2)) {
                Log.e(Constant.TAG, "PIN码验证失败");
                requestSignRawListener.failed();
                return;
            }
            String encodeToString = android.util.Base64.encodeToString(cert.signRaw(bytes), 2);
            Log.e(Constant.TAG, "签名成功" + encodeToString);
            requestSignRawListener.success(encodeToString);
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "签名失败，错误码 ：" + e.getMessage());
            e.printStackTrace();
            requestSignRawListener.failed();
        } catch (UnsupportedEncodingException e2) {
            Log.e(Constant.TAG, "签名失败，编解码异常" + e2.getMessage());
            e2.printStackTrace();
            requestSignRawListener.failed();
        }
    }

    public void singP7TianWei(CACertificate cACertificate, String str, String str2, RequestSingP7Listener requestSingP7Listener) {
        try {
            Certificate cert = cACertificate.getCert();
            if (!verifyPINTianWei(cACertificate, str2)) {
                Log.e(Constant.TAG, "签名失败, 证书PIN码验证失败");
                requestSingP7Listener.failed();
                return;
            }
            String encodeToString = android.util.Base64.encodeToString(cert.signP7(str.getBytes("UTF-8"), true), 2);
            Log.e(Constant.TAG, "原文: " + str);
            Log.e(Constant.TAG, "签名值: " + encodeToString);
            requestSingP7Listener.success(encodeToString);
        } catch (UnsupportedEncodingException e) {
            Log.e(Constant.TAG, "签名--编码异常");
            e.printStackTrace();
            requestSingP7Listener.failed();
        } catch (CertApiException e2) {
            Log.e(Constant.TAG, "证书PIN码验证失败");
            Log.e(Constant.TAG, "签名失败, 错误码: " + e2.getMessage());
            e2.printStackTrace();
            requestSingP7Listener.failed();
        }
    }

    public boolean verifyP7SignTianWei(CACertificate cACertificate, String str) {
        try {
            Certificate verify = new Pkcs7(android.util.Base64.decode(str, 2)).verify();
            if (verify == null) {
                Log.e(Constant.TAG, "签名验证失败，原文可能已被篡改");
                return false;
            }
            if (cACertificate.getSerialNumber().equals(verify.serialNumber())) {
                Log.e(Constant.TAG, "签名验证成功，原文未被篡改");
                return true;
            }
            Log.e(Constant.TAG, "签名验证失败，原文可能已被篡改");
            return false;
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "签名验证失败，错误码 ：" + e.getMessage());
            e.printStackTrace();
            return false;
        }
    }

    public boolean verifyPINTianWei(CACertificate cACertificate, String str) {
        try {
            if (cACertificate.getCert().verifyPin(str)) {
                Log.e("=====", "验证PIN码成功");
                return true;
            }
            Log.e(Constant.TAG, "证书PIN码验证失败");
            return false;
        } catch (CertApiException e) {
            Log.e(Constant.TAG, "证书PIN码验证失败: " + e.getMessage());
            Log.e(Constant.TAG, "签名失败, 错误码: " + e.getMessage());
            e.printStackTrace();
            return false;
        }
    }

    public boolean verifyRawSignTianWei(CACertificate cACertificate, String str, String str2) {
        try {
            if (cACertificate.getCert().verifyRaw(android.util.Base64.decode(str2, 2), str.getBytes("UTF-8"))) {
                Log.e(Constant.TAG, "签名验证成功，原文未被篡改");
                return true;
            }
            Log.e(Constant.TAG, "签名验证失败，原文可能已被篡改");
            return false;
        } catch (UnsupportedEncodingException e) {
            Log.e(Constant.TAG, "签名验证失败，编解码异常 ");
            e.printStackTrace();
            return false;
        } catch (CertApiException e2) {
            Log.e(Constant.TAG, "签名验证失败，错误码 ：" + e2.getMessage());
            e2.printStackTrace();
            return false;
        }
    }
}
