package cn.com.jit.mctk.auth.manager;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.asn1.DERObject;
import cn.com.jit.ida.util.pki.cert.X509Cert;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.cipher.param.P7Param;
import cn.com.jit.ida.util.pki.crl.X509CRL;
import cn.com.jit.ida.util.pki.keystore.KeyEntry;
import cn.com.jit.ida.util.pki.pkcs.PKCS7;
import cn.com.jit.mctk.auth.constant.MessageCode;
import cn.com.jit.mctk.auth.constant.MessageCodeDesc;
import cn.com.jit.mctk.auth.constant.PNXClientSignMechanism;
import cn.com.jit.mctk.auth.exception.PNXAuthClientException;
import cn.com.jit.mctk.auth.handler.HardCardHandler;
import cn.com.jit.mctk.auth.handler.IAuthHandler;
import cn.com.jit.mctk.common.exception.PNXClientException;
import cn.com.jit.mctk.common.manager.BaseManager;
import cn.com.jit.mctk.common.util.CommonUtil;
import cn.com.jit.mctk.log.config.MLog;
import cn.com.jit.mctk.os.util.TextUtils;
import java.io.IOException;

/* loaded from: classes.dex */
public class AuthenticationManager extends BaseManager {
    IAuthHandler authHandler;
    private String TAG = getClass().getSimpleName();
    protected PNXClientSignMechanism rsaSignType = PNXClientSignMechanism.SHA256_RSA;
    protected PNXClientSignMechanism sm2SignType = PNXClientSignMechanism.SM3_SM2;

    protected byte[] getCertSignData(String str, String str2) throws PNXAuthClientException {
        return getCertSignData(str, str2, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getCertSignData(String str, String str2, String str3) throws PNXAuthClientException {
        if (TextUtils.isEmpty(str3)) {
            str3 = CommonUtil.genOriginal();
        }
        return getP7SignData(str, str3, str2);
    }

    public String getErrorDesc() {
        String errorCode = getErrorCode();
        return (errorCode == null || errorCode.length() <= 0) ? "" : MessageCodeDesc.getDesc(errorCode);
    }

    protected byte[] getP7SignData(String str, String str2, String str3) throws PNXAuthClientException {
        String str4 = MessageCode.C0200701;
        reset();
        String signMechanism = this.rsaSignType.getSignMechanism();
        boolean z = false;
        try {
            try {
                KeyEntry queryKeyEntry = this.authHandler.queryKeyEntry(str, str3);
                if (CommonUtil.isSM2Cert(queryKeyEntry.getCert())) {
                    signMechanism = this.sm2SignType.getSignMechanism();
                    z = true;
                }
                Session session = this.authHandler.getSession();
                Mechanism mechanism = new Mechanism(signMechanism);
                PKCS7 pkcs7 = new PKCS7(session);
                pkcs7.setIsSMP7(z);
                P7Param p7Param = new P7Param();
                p7Param.SetSignParam(queryKeyEntry.getKey(), mechanism, new X509Cert[]{queryKeyEntry.getCert()}, (X509CRL[]) null, (DERObject[]) null, (DERObject[]) null);
                return pkcs7.genP7_Sign(str2.getBytes(), new P7Param[]{p7Param}, true);
            } catch (PKIException e) {
                e = e;
                MLog.e(this.TAG, "CertSign PKIException", e);
                e.printStackTrace();
                throw new PNXAuthClientException("C0200002", e);
            } catch (PNXAuthClientException e2) {
                e = e2;
                MLog.e("getP7SignData", "PNXAuthClientException", e);
                setErrorCode(e.getErrorCode());
                throw e;
            } catch (PNXClientException e3) {
                e = e3;
                MLog.e(this.TAG, "CertSign PNXClientException", e);
                if (!TextUtils.isEmpty(e.getErrorCode())) {
                    str4 = e.getErrorCode();
                }
                throw new PNXAuthClientException(str4, e.getErrorDesc(), e);
            } catch (IOException e4) {
                e = e4;
                MLog.e(this.TAG, "CertSign IOException", e);
                throw new PNXAuthClientException("C0200001", e);
            } catch (Exception e5) {
                e = e5;
                MLog.e(this.TAG, "CertSign Exception", e);
                if (!isHardCard()) {
                    str4 = "C0200202";
                }
                throw new PNXAuthClientException(str4, e);
            }
        } catch (PKIException e6) {
            e = e6;
        } catch (PNXAuthClientException e7) {
            e = e7;
        } catch (PNXClientException e8) {
            e = e8;
        } catch (IOException e9) {
            e = e9;
        } catch (Exception e10) {
            e = e10;
        }
    }

    protected boolean isHardCard() {
        return this.authHandler instanceof HardCardHandler;
    }

    public void setHandler(IAuthHandler iAuthHandler) {
        this.authHandler = iAuthHandler;
        iAuthHandler.setBind(this.bind);
        this.authHandler.setContext(this.context);
    }

    public void setSignMechanism(PNXClientSignMechanism pNXClientSignMechanism, PNXClientSignMechanism pNXClientSignMechanism2) {
        if (pNXClientSignMechanism != null && "RSA".equals(pNXClientSignMechanism.getEncrptyMechanism())) {
            this.rsaSignType = pNXClientSignMechanism;
        }
        if (pNXClientSignMechanism2 == null || !"SM2".equals(pNXClientSignMechanism.getEncrptyMechanism())) {
            return;
        }
        this.sm2SignType = pNXClientSignMechanism2;
    }
}
