package cn.org.bjca.signet.component.core.h;

import android.content.Context;
import android.os.Bundle;
import android.os.Environment;
import android.os.Handler;
import cn.org.bjca.mssp.clientalg.util.ByteArrayUtil;
import cn.org.bjca.mssp.clientalg.util.CipherUtil;
import cn.org.bjca.mssp.clientalg.util.EncodeUtil;
import cn.org.bjca.mssp.clientalg.util.SEMSM2Util;
import cn.org.bjca.mssp.msspjce.jcajce.provider.asymmetric.util.SM2Util;
import cn.org.bjca.mssp.msspjce.jce.provider.MSSPProvider;
import cn.org.bjca.signet.component.core.bean.params.OfflineSignStoreBean;
import cn.org.bjca.signet.component.core.f.InterfaceC0196c;
import cn.org.bjca.signet.component.core.utils.C0208a;
import cn.org.bjca.signet.component.core.utils.C0211d;
import cn.org.bjca.signet.component.core.utils.C0213f;
import cn.org.bjca.signet.component.core.utils.J;
import cn.org.bjca.signet.component.core.utils.M;
import cn.org.bjca.signet.component.core.utils.N;
import com.km.reader.IConstantH;
import com.kmbat.doctor.ui.activity.BookReadActivity;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPublicKey;
import java.util.Date;

/* loaded from: classes.dex */
public final class q implements InterfaceC0196c, Runnable {

    /* renamed from: a, reason: collision with root package name */
    private Context f130a;
    private Handler b;
    private Bundle c;
    private String d;

    static {
        Security.addProvider(new MSSPProvider());
    }

    private q() {
    }

    public q(Context context, Handler handler, Bundle bundle, String str) {
        this.f130a = context;
        this.b = handler;
        this.c = bundle;
        this.d = str;
        C0213f.a(context);
    }

    @Override // java.lang.Runnable
    public final void run() {
        String str;
        String a2;
        byte[] bArr;
        try {
            String string = this.c.getString(InterfaceC0196c.r);
            String string2 = this.c.getString(InterfaceC0196c.s);
            String string3 = this.c.getString(InterfaceC0196c.A);
            String string4 = this.c.getString(InterfaceC0196c.t);
            String b = M.b(this.f130a, "CURRENT_MSSP_ID");
            if (string.contains("RSA")) {
                str = string4.equalsIgnoreCase("AUTH") ? "_RSA_OFFLINE_AUTH_CERT" : "_RSA_OFFLINE_SIGN_CERT";
            } else if (string.contains("SM2")) {
                str = string4.equalsIgnoreCase("AUTH") ? "_SM2_OFFLINE_AUTH_CERT" : "_SM2_OFFLINE_SIGN_CERT";
            } else {
                str = "";
            }
            String a3 = cn.org.bjca.signet.component.core.c.a.a(this.f130a).a(b, str);
            if (N.a(a3)) {
                throw new cn.org.bjca.signet.component.core.d.a("0x14300001", "本地无证书");
            }
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X509", MSSPProvider.PROVIDER_NAME).generateCertificate(new ByteArrayInputStream(N.b(a3)));
                if (string2.equalsIgnoreCase("HASH")) {
                    a2 = string3;
                } else {
                    try {
                        a2 = string.contains("SM3") ? N.a(SM2Util.SM3ForSignature(string3.getBytes("utf-8"), SEMSM2Util.getPoint(generateCertificate.getPublicKey()))) : N.a(CipherUtil.hash(string.split("with")[0], string3.getBytes("utf-8")));
                    } catch (Exception e) {
                        throw new cn.org.bjca.signet.component.core.d.a(e.getMessage());
                    }
                }
                try {
                    String replace = str.replace("_CERT", "_RANDOM");
                    String a4 = C0211d.a(this.f130a, string3, string, this.d, b, replace);
                    if (replace.contains("SM2")) {
                        if (!SEMSM2Util.verify(generateCertificate.getPublicKey(), N.b(a4), N.b(a2))) {
                            throw new cn.org.bjca.signet.component.core.d.a("offlineSign SM2 verify signature error");
                        }
                    } else if (replace.contains("RSA")) {
                        BigInteger modulus = ((RSAPublicKey) generateCertificate.getPublicKey()).getModulus();
                        byte[] bigInteger2ByteArray = EncodeUtil.bigInteger2ByteArray(EncodeUtil.byteArray2BigInteger(N.b(a4)).modPow(BigInteger.valueOf(65537L), modulus), (modulus.bitLength() + 7) / 8);
                        String str2 = string.split("with")[0];
                        byte[] b2 = N.b(a2);
                        if (str2.equalsIgnoreCase("sha1")) {
                            if (b2.length == 20) {
                                bArr = new byte[35];
                                System.arraycopy(EncodeUtil.bigInteger2ByteArray(new BigInteger("3021300906052b0e03021a05000414", 16)), 0, bArr, 0, 15);
                                System.arraycopy(b2, 0, bArr, 15, 20);
                            } else {
                                if (b2.length != 35) {
                                    throw new RuntimeException("hash length error,length=" + b2.length);
                                }
                                bArr = b2;
                            }
                        } else {
                            if (!str2.equalsIgnoreCase("sha256")) {
                                throw new RuntimeException("hash alg not support");
                            }
                            if (b2.length == 32) {
                                bArr = new byte[51];
                                System.arraycopy(EncodeUtil.bigInteger2ByteArray(new BigInteger("3031300d060960864801650304020105000420", 16)), 0, bArr, 0, 19);
                                System.arraycopy(b2, 0, bArr, 19, 32);
                            } else {
                                if (b2.length != 51) {
                                    throw new RuntimeException("hash length error,length=" + b2.length);
                                }
                                bArr = b2;
                            }
                        }
                        if (!ByteArrayUtil.equalValue(bigInteger2ByteArray, C0211d.a(bArr, modulus.bitLength()))) {
                            throw new cn.org.bjca.signet.component.core.d.a("offlineSign RSA verify signature error");
                        }
                    }
                    OfflineSignStoreBean offlineSignStoreBean = new OfflineSignStoreBean();
                    offlineSignStoreBean.setAlgoPolicy(string);
                    offlineSignStoreBean.setHash(a2);
                    offlineSignStoreBean.setSignatrue(a4);
                    offlineSignStoreBean.setSignCert(a3);
                    offlineSignStoreBean.setSignDate(Long.valueOf(new Date().getTime()));
                    String b3 = M.b(this.f130a, "APP_ID");
                    String a5 = J.a(offlineSignStoreBean);
                    File file = new File(Environment.getExternalStorageDirectory().getAbsolutePath() + cn.org.bjca.signet.component.core.f.r.f121a + IConstantH.d + b3 + IConstantH.d + b.substring(0, 9) + IConstantH.d + offlineSignStoreBean.getSignDate() + BookReadActivity.POSTFIX);
                    try {
                        file.createNewFile();
                        FileOutputStream fileOutputStream = new FileOutputStream(file);
                        fileOutputStream.write(a5.getBytes("utf-8"));
                        fileOutputStream.close();
                        cn.org.bjca.signet.component.core.e.o.b_.put("ERR_CODE", "0x00000000");
                        cn.org.bjca.signet.component.core.e.o.b_.put("ERR_MSG", "成功");
                        cn.org.bjca.signet.component.core.e.o.b_.put("OFFLINE_CERT", a3);
                        cn.org.bjca.signet.component.core.e.o.b_.put("OFFLINE_SIGNATURE", a4);
                        C0208a.a(2110, (Object) null, this.b);
                    } catch (IOException e2) {
                        throw new cn.org.bjca.signet.component.core.d.a(e2.getMessage());
                    }
                } catch (Exception e3) {
                    throw new cn.org.bjca.signet.component.core.d.a(e3.getMessage());
                }
            } catch (Exception e4) {
                throw new cn.org.bjca.signet.component.core.d.a(e4.getMessage());
            }
        } catch (cn.org.bjca.signet.component.core.d.a e5) {
            C0208a.a(e5, this.b);
        } finally {
            C0213f.a();
        }
    }
}
