package com.itrus.util.sign;

import com.alipay.sdk.encrypt.d;
import com.itrus.cert.X509Certificate;
import com.itrus.cryptorole.bc.RecipientBcImpl;
import com.itrus.cryptorole.bc.SenderBcImpl;
import com.itrus.svm.SignerAndEncryptedDigest;
import com.itrus.util.DERUtils;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class RSAWithHardware {
    private static String DINPAY_KEY_VERSION;
    private static File versionFile = null;
    private SenderBcImpl signSenderBc;
    private RecipientBcImpl recipient = new RecipientBcImpl();
    private String DINPAY_CN = "E=tsm@ddbill.com, CN=DINPAY001, OU=技术部, O=智付电子支付有限公司";

    private static void checkDinpayKeyVersion(String str) {
        FileWriter fileWriter;
        FileWriter fileWriter2;
        String substring = str.indexOf("OU=V:") > 0 ? str.substring(str.indexOf("OU=V:") + 5) : null;
        if (DINPAY_KEY_VERSION == null || "".equals(DINPAY_KEY_VERSION.trim())) {
            if (substring == null || "".equals(substring.trim())) {
                return;
            }
            String trim = substring.trim();
            FileWriter fileWriter3 = null;
            try {
                try {
                    fileWriter = new FileWriter(versionFile);
                } catch (Throwable th) {
                    th = th;
                }
            } catch (IOException e) {
                e = e;
            }
            try {
                fileWriter.write(trim);
                fileWriter.flush();
                if (fileWriter != null) {
                    try {
                        fileWriter.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
            } catch (IOException e3) {
                e = e3;
                fileWriter3 = fileWriter;
                e.printStackTrace();
                if (fileWriter3 != null) {
                    try {
                        fileWriter3.close();
                    } catch (IOException e4) {
                        e4.printStackTrace();
                    }
                }
                return;
            } catch (Throwable th2) {
                th = th2;
                fileWriter3 = fileWriter;
                if (fileWriter3 != null) {
                    try {
                        fileWriter3.close();
                    } catch (IOException e5) {
                        e5.printStackTrace();
                    }
                }
                throw th;
            }
            return;
        }
        if (substring == null || "".equals(substring.trim())) {
            throw new RuntimeException("dinpayKey version has outdated!");
        }
        String trim2 = substring.trim();
        int compareTo = DINPAY_KEY_VERSION.compareTo(trim2);
        if (compareTo > 0) {
            throw new RuntimeException("dinpayKey version has outdated!");
        }
        if (compareTo < 0) {
            FileWriter fileWriter4 = null;
            try {
                try {
                    fileWriter2 = new FileWriter(versionFile);
                } catch (IOException e6) {
                    e = e6;
                }
            } catch (Throwable th3) {
                th = th3;
            }
            try {
                fileWriter2.write(trim2);
                fileWriter2.flush();
                if (fileWriter2 != null) {
                    try {
                        fileWriter2.close();
                    } catch (IOException e7) {
                        e7.printStackTrace();
                    }
                }
            } catch (IOException e8) {
                e = e8;
                fileWriter4 = fileWriter2;
                e.printStackTrace();
                if (fileWriter4 != null) {
                    try {
                        fileWriter4.close();
                    } catch (IOException e9) {
                        e9.printStackTrace();
                    }
                }
            } catch (Throwable th4) {
                th = th4;
                fileWriter4 = fileWriter2;
                if (fileWriter4 != null) {
                    try {
                        fileWriter4.close();
                    } catch (IOException e10) {
                        e10.printStackTrace();
                    }
                }
                throw th;
            }
        }
    }

    public void initSigner(String str, String str2) throws Exception {
        this.signSenderBc = new SenderBcImpl();
        this.signSenderBc.initCertWithKey(str, str2.toCharArray());
        this.signSenderBc.setSignAlgorithm(d.a);
        versionFile = new File(new File(str).getParentFile(), "dinpayRSAKeyVersion");
        if (versionFile.exists()) {
            DINPAY_KEY_VERSION = new BufferedReader(new FileReader(versionFile)).readLine();
        } else {
            versionFile.createNewFile();
        }
    }

    public String signByPriKey(String str) {
        try {
            return new String(Base64.encode(this.signSenderBc.signMessage(DERUtils.BytesToHexString(str.getBytes("UTF-8")).getBytes("UTF-8"))));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public boolean validateSignByPubKey(String str, String str2, String str3) {
        try {
            SignerAndEncryptedDigest verifyAndParsePkcs7 = this.recipient.verifyAndParsePkcs7(DERUtils.BytesToHexString(str2.getBytes("UTF-8")).getBytes("UTF-8"), Base64.decode(str3));
            X509Certificate x509Certificate = X509Certificate.getInstance(verifyAndParsePkcs7.getSigner());
            DERUtils.HexStringToBytes(new String(verifyAndParsePkcs7.getOriData()));
            checkDinpayKeyVersion(x509Certificate.getSubjectDNString());
            String name = this.signSenderBc.getSignerCert().getSubjectX500Principal().getName();
            String substring = name.substring(name.indexOf("CN=") + 3);
            if (substring.contains(",")) {
                substring = substring.substring(0, substring.indexOf(","));
            }
            if (str.equals(substring)) {
                return true;
            }
            throw new RuntimeException("validate sign failed:merchant_code is not equal.merchant_code in pfx is " + substring + ",but merchant_code in params is " + str);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
}
