package cn.org.bjca.signet.component.core.runnables;

import android.content.Context;
import android.os.Bundle;
import android.os.Environment;
import android.os.Handler;
import cn.org.bjca.mssp.clientalg.util.ByteArrayUtil;
import cn.org.bjca.mssp.clientalg.util.CipherUtil;
import cn.org.bjca.mssp.clientalg.util.EncodeUtil;
import cn.org.bjca.mssp.clientalg.util.SEMSM2Util;
import cn.org.bjca.mssp.msspjce.jcajce.provider.asymmetric.util.SM2Util;
import cn.org.bjca.mssp.msspjce.jce.provider.MSSPProvider;
import cn.org.bjca.signet.component.core.bean.params.OfflineSignStoreBean;
import cn.org.bjca.signet.component.core.database.CoreDataBaseDao;
import cn.org.bjca.signet.component.core.database.DataBaseConsts;
import cn.org.bjca.signet.component.core.exceptions.SignetApiException;
import cn.org.bjca.signet.component.core.factory.SignetResultFactory;
import cn.org.bjca.signet.component.core.interfaces.CoreConstsInterface;
import cn.org.bjca.signet.component.core.utils.AndroidUtil;
import cn.org.bjca.signet.component.core.utils.CertUtil;
import cn.org.bjca.signet.component.core.utils.DialogUtil;
import cn.org.bjca.signet.component.core.utils.JsonUtil;
import cn.org.bjca.signet.component.core.utils.ShareStoreUtil;
import cn.org.bjca.signet.component.core.utils.StringUtil;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPublicKey;
import java.util.Date;

/* loaded from: classes.dex */
public class OfflineSignRunnable implements CoreConstsInterface.BundleConsts, CoreConstsInterface.CertPolicyConst, Runnable {
    private Bundle bundle;
    private Context context;
    private Handler mainHandler;
    private String userPin;

    static {
        Security.addProvider(new MSSPProvider());
    }

    private OfflineSignRunnable() {
    }

    public OfflineSignRunnable(Context context, Handler handler, Bundle bundle, String str) {
        this.context = context;
        this.mainHandler = handler;
        this.bundle = bundle;
        this.userPin = str;
        DialogUtil.showProcessDialog(context);
    }

    @Override // java.lang.Runnable
    public void run() {
        String string;
        String string2;
        String string3;
        String string4;
        String str;
        String info;
        String info2;
        String base64Encode;
        try {
            try {
                string = this.bundle.getString(CoreConstsInterface.BundleConsts.BUNDLE_KEY_ADD_SIGN_ALGO);
                string2 = this.bundle.getString(CoreConstsInterface.BundleConsts.BUNDLE_KEY_ADD_SIGN_DATATYPE);
                string3 = this.bundle.getString(CoreConstsInterface.BundleConsts.BUNDLE_KEY_OFFLINE_SIGN_TEXT);
                string4 = this.bundle.getString(CoreConstsInterface.BundleConsts.BUNDLE_KEY_ADD_SIGN_TYPE);
                str = "";
                info = ShareStoreUtil.getInfo(this.context, ShareStoreUtil.CURRENT_MSSP_ID);
                if (string.contains(CoreConstsInterface.CertPolicyConst.CP_ALGO_RSA)) {
                    str = string4.equalsIgnoreCase(CoreConstsInterface.CertPolicyConst.CP_AUTH_TYPE) ? DataBaseConsts._RSA_OFFLINE_AUTH_CERT : DataBaseConsts._RSA_OFFLINE_SIGN_CERT;
                } else if (string.contains(CoreConstsInterface.CertPolicyConst.CP_ALGO_SM2)) {
                    str = string4.equalsIgnoreCase(CoreConstsInterface.CertPolicyConst.CP_AUTH_TYPE) ? DataBaseConsts._SM2_OFFLINE_AUTH_CERT : DataBaseConsts._SM2_OFFLINE_SIGN_CERT;
                }
                info2 = CoreDataBaseDao.getDaoInstance(this.context).getInfo(info, str);
            } catch (SignetApiException e) {
                AndroidUtil.handleException(e, this.mainHandler);
            }
            if (StringUtil.isEmpty(info2)) {
                throw new SignetApiException(CoreConstsInterface.ErrCodeConsts.ERR_CODE_NO_CERT, CoreConstsInterface.ErrMsgConsts.ERR_MSG_NO_CERT);
            }
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X509", MSSPProvider.PROVIDER_NAME).generateCertificate(new ByteArrayInputStream(StringUtil.base64Decode(info2)));
                if (string2.equalsIgnoreCase(CoreConstsInterface.CertPolicyConst.DATA_TYPE_HASH)) {
                    base64Encode = string3;
                } else {
                    try {
                        base64Encode = string.contains(CoreConstsInterface.CertPolicyConst.HASH_ALGO_SM3) ? StringUtil.base64Encode(SM2Util.SM3ForSignature(string3.getBytes("utf-8"), SEMSM2Util.getPoint(generateCertificate.getPublicKey()))) : StringUtil.base64Encode(CipherUtil.hash(string.split("with")[0], string3.getBytes("utf-8")));
                    } catch (Exception e2) {
                        throw new SignetApiException(e2.getMessage());
                    }
                }
                try {
                    String replace = str.replace("_CERT", "_RANDOM");
                    String genOfflineSign = CertUtil.genOfflineSign(this.context, string3, string, string4, this.userPin, info, replace);
                    if (replace.contains(CoreConstsInterface.CertPolicyConst.CP_ALGO_SM2)) {
                        if (!SEMSM2Util.verify(generateCertificate.getPublicKey(), StringUtil.base64Decode(genOfflineSign), StringUtil.base64Decode(base64Encode))) {
                            throw new SignetApiException("offlineSign SM2 verify signature error");
                        }
                    } else if (replace.contains(CoreConstsInterface.CertPolicyConst.CP_ALGO_RSA)) {
                        BigInteger modulus = ((RSAPublicKey) generateCertificate.getPublicKey()).getModulus();
                        if (!ByteArrayUtil.equalValue(EncodeUtil.bigInteger2ByteArray(EncodeUtil.byteArray2BigInteger(StringUtil.base64Decode(genOfflineSign)).modPow(BigInteger.valueOf(65537L), modulus), (modulus.bitLength() + 7) / 8), CertUtil.pkcs1EncodingForSign(CertUtil.packDigestInfo(string.split("with")[0], StringUtil.base64Decode(base64Encode)), modulus.bitLength()))) {
                            throw new SignetApiException("offlineSign RSA verify signature error");
                        }
                    }
                    OfflineSignStoreBean offlineSignStoreBean = new OfflineSignStoreBean();
                    offlineSignStoreBean.setAlgoPolicy(string);
                    offlineSignStoreBean.setHash(base64Encode);
                    offlineSignStoreBean.setSignatrue(genOfflineSign);
                    offlineSignStoreBean.setSignCert(info2);
                    offlineSignStoreBean.setSignDate(Long.valueOf(new Date().getTime()));
                    String info3 = ShareStoreUtil.getInfo(this.context, ShareStoreUtil.APP_ID);
                    String object2Json = JsonUtil.object2Json(offlineSignStoreBean);
                    File file = new File(Environment.getExternalStorageDirectory().getAbsolutePath() + CoreConstsInterface.ServInterfaceConst.OFFLINE_SIGN_CACHE_FOLDER + "/" + info3 + "/" + info.substring(0, 9) + "/" + offlineSignStoreBean.getSignDate() + ".txt");
                    try {
                        file.createNewFile();
                        FileOutputStream fileOutputStream = new FileOutputStream(file);
                        fileOutputStream.write(object2Json.getBytes("utf-8"));
                        fileOutputStream.close();
                        SignetResultFactory.resultMap.put(SignetResultFactory.ERR_CODE, "0x00000000");
                        SignetResultFactory.resultMap.put(SignetResultFactory.ERR_MSG, CoreConstsInterface.ErrMsgConsts.SUCCESS_MSG);
                        SignetResultFactory.resultMap.put(SignetResultFactory.OFFLINE_CERT, info2);
                        SignetResultFactory.resultMap.put(SignetResultFactory.OFFLINE_SIGNATURE, genOfflineSign);
                        AndroidUtil.sendMessage(2110, null, this.mainHandler);
                    } catch (IOException e3) {
                        throw new SignetApiException(e3.getMessage());
                    }
                } catch (Exception e4) {
                    throw new SignetApiException(e4.getMessage());
                }
            } catch (Exception e5) {
                throw new SignetApiException(e5.getMessage());
            }
        } finally {
            DialogUtil.closeProcessDialog();
        }
    }
}
