package com.dareway.framework.dda;

import com.dareway.framework.common.GlobalNames;
import com.dareway.framework.exception.AppException;
import com.dareway.framework.exception.BusinessException;
import com.dareway.framework.util.DataObject;
import com.dareway.framework.util.DataStore;
import com.dareway.framework.util.SecUtil;
import com.dareway.framework.util.Sql;
import com.king.zxing.util.LogUtils;
import com.umeng.commonsdk.proguard.ar;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.List;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
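/**
 * Verifies, imports and looks up digital authorization documents (DDA, "数字授权书").
 *
 * <p>A DDA arrives as a Base64 string wrapping an XML document rooted at
 * {@code dwDigitalAuthRoot}. Trust is established in two steps, both visible in
 * {@link #verifyDDA(String)}:
 * <ol>
 *   <li>the {@code signerII} JSON blob must carry a valid signature made with the
 *       hard-coded root key ({@link #verifyByCA(byte[], byte[])});</li>
 *   <li>the document fields must carry a valid signature made with the
 *       {@code publickey} taken from that blob ({@link #verify(String, byte[], byte[])}).</li>
 * </ol>
 *
 * <p>NOTE(review): nothing in this class checks a validity period, a revocation
 * status or a key-usage restriction for the second-level key; if the
 * {@code signerII} blob carries such data it is not evaluated here.
 */
public class DdaUtil {
    private static final String ENCODE_ALGORITHM = "SHA-256";
    private static final String KEY_ALGORITHM = "RSA";
    // Trust anchor for every DDA. The Base64 text decodes to an X.509
    // SubjectPublicKeyInfo whose DER lengths correspond to a 1024-bit RSA modulus,
    // which is below current minimum key-size recommendations.
    // NOTE(review): rotating it requires re-issuing the second-level signatures.
    private static final String ROOT_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfmkQhl2JegarcqICaUHXXGi5PG5DtjFYdqsyRKaP7MiQw59sOGQI+KZdULOLSDcXdLebZZ3z709/06/EOokCTSKVby4Tz3oFPQxTquvrYmL9zaNhqnh3hHLVBrswbjo/gbkOS3zyidtHnlA6jZySedfa7NNTncqRM8Tg+6UK3MQIDAQAB";
    private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

    private static final String SELECT_DDA_SQL =
            " select ddabasestr,authtypeid,licenseetypecode, "
            + " \tlicenseetypename,licenseeid,licenseename, "
            + " \tlicenseeadditionalinfor,authtext,dwdigitalauthversion "
            + " from sep.dda_info "
            + " where dwdigitalauthid = ? ";

    private static final String EXISTS_DDA_SQL =
            " select 1 "
            + " from sep.dda_info a "
            + " where a.dwdigitalauthid = ? ";

    private static final String INSERT_DDA_SQL =
            " insert into sep.dda_info "
            + " \t(dwdigitalauthid,authtypeid, "
            + " \tlicenseetypecode,licenseetypename, "
            + " \tlicenseeid,licenseename,licenseeadditionalinfor, "
            + " \tauthtext,ddabasestr,dwdigitalauthversion) "
            + " values (?,?,?,?,?,?,?,?,?,?) ";

    // Each entry pairs a name that is both a sep.dda_info column and a key of the
    // verifyDDA result with the message raised when the stored value and the
    // signed value disagree. The order is the order in which the checks run.
    private static final String[][] STORED_FIELD_CHECKS = {
        {"authtypeid", "信息获取异常：数字授权类别ID不符！"},
        {"licenseetypecode", "信息获取异常：持证人类型代码不符！"},
        {"licenseetypename", "信息获取异常：持证人类型名称不符！"},
        {"licenseeid", "信息获取异常：持证人ID不符！"},
        {"licenseename", "信息获取异常：持证人名称不符！"},
        {"licenseeadditionalinfor", "信息获取异常：持证人附加信息不符！"},
        {"authtext", "信息获取异常：授权文本不符！"},
        {"dwdigitalauthversion", "信息获取异常：授权书版本不符！"},
    };

    /**
     * Returns the SHA-256 digest of {@code str}, encoded with
     * {@code GlobalNames.DEFAULT_ENCODING}.
     *
     * @throws AppException if the digest or the encoding is unavailable; the
     *     underlying exception is attached as the cause
     */
    private static byte[] SHA256(String str) throws AppException {
        try {
            MessageDigest digest = MessageDigest.getInstance(ENCODE_ALGORITHM);
            digest.update(str.getBytes(GlobalNames.DEFAULT_ENCODING));
            return digest.digest();
        } catch (Exception e) {
            // Keep the cause on the thrown exception instead of printing it to stderr.
            throw new AppException("取HASH值异常！", e);
        }
    }

    /**
     * Loads the stored DDA with the given id and re-verifies it before use.
     *
     * <p>The stored Base64 document is verified again and every column is compared
     * with the corresponding signed field, so a row whose plain columns were
     * edited without a matching signed document is rejected.
     *
     * @param str the DDA id ({@code dwdigitalauthid})
     * @return the signed fields under the keys {@code ddaid}, {@code ddabb},
     *     {@code ddalb}, {@code czrlx}, {@code czrlxmc}, {@code czrid},
     *     {@code czrmc}, {@code czrfjxx} and {@code sqwb}
     * @throws BusinessException if the id does not match exactly one row
     * @throws AppException if the signature check fails or a stored column
     *     differs from the signed value
     */
    public static DataObject getDDAInfo(String str) throws BusinessException, AppException {
        Sql query = new Sql();
        query.setSql(SELECT_DDA_SQL);
        query.setString(1, str);
        DataStore rows = query.executeQuery();
        if (rows.rowCount() != 1) {
            throw new BusinessException("验证数字证书异常：数字证书ID【" + str + "】对应的信息不存在！");
        }
        String[] stored = new String[STORED_FIELD_CHECKS.length];
        for (int i = 0; i < stored.length; i++) {
            stored[i] = rows.getString(0, STORED_FIELD_CHECKS[i][0]);
        }
        DataObject verified = verifyDDA(rows.getString(0, "ddabasestr"));
        if (!"t".equals(verified.getString("ret"))) {
            throw new AppException("信息获取异常：导入的数字授权书，验签失败！");
        }
        if (!verified.getString("dwdigitalauthid").equals(str)) {
            throw new AppException("信息获取异常：数字授权书ID不符！");
        }
        for (int i = 0; i < STORED_FIELD_CHECKS.length; i++) {
            // The signed value is the receiver: it is never null, while a stored
            // column may be, in which case equals() is simply false.
            if (!verified.getString(STORED_FIELD_CHECKS[i][0]).equals(stored[i])) {
                throw new AppException(STORED_FIELD_CHECKS[i][1]);
            }
        }
        return toResult(verified);
    }

    /**
     * Decodes the hard-coded root public key.
     *
     * @throws AppException if the key cannot be decoded; the underlying exception
     *     is attached as the cause
     */
    private static PublicKey getRootPublicKey() throws AppException {
        try {
            X509EncodedKeySpec spec = new X509EncodedKeySpec(SecUtil.base64Decode(ROOT_PUBLIC_KEY));
            return KeyFactory.getInstance(KEY_ALGORITHM).generatePublic(spec);
        } catch (Exception e) {
            throw new AppException("获取根证书异常！", e);
        }
    }

    /**
     * Verifies a Base64 DDA and stores it if its id is not present yet.
     *
     * <p>The result always carries {@code impflag} / {@code impcont}:
     * {@code "0"} when the document signature did not verify (nothing is stored),
     * {@code "1"} when a row with the same id already exists (the stored row is
     * returned through {@link #getDDAInfo(String)}), and {@code "2"} after a
     * successful insert.
     *
     * <p>NOTE(review): the existence check and the insert are two separate
     * statements; whether a unique constraint or a surrounding transaction guards
     * against two concurrent imports of the same id cannot be seen from here.
     *
     * @param str the Base64-encoded DDA document
     * @throws BusinessException if {@code str} is null or blank
     * @throws AppException if parsing or verification raises an error
     */
    public static DataObject importDDA(String str) throws BusinessException, AppException {
        DataObject verified = verifyDDA(str);
        if (!"t".equals(verified.getString("ret"))) {
            DataObject rejected = new DataObject();
            rejected.put("impflag", (Object) "0");
            rejected.put("impcont", (Object) "即不存在，也未导入");
            return rejected;
        }
        String authId = verified.getString("dwdigitalauthid");
        Sql sql = new Sql();
        sql.setSql(EXISTS_DDA_SQL);
        sql.setString(1, authId);
        if (sql.executeQuery().rowCount() > 0) {
            DataObject existing = getDDAInfo(authId);
            existing.put("impflag", (Object) "1");
            existing.put("impcont", (Object) "已存在，无需导入");
            return existing;
        }
        // Only values taken from the verified document are written, plus the
        // original Base64 text so that later reads can re-verify the signature.
        sql.setSql(INSERT_DDA_SQL);
        sql.setString(1, authId);
        sql.setString(2, verified.getString("authtypeid"));
        sql.setString(3, verified.getString("licenseetypecode"));
        sql.setString(4, verified.getString("licenseetypename"));
        sql.setString(5, verified.getString("licenseeid"));
        sql.setString(6, verified.getString("licenseename"));
        sql.setString(7, verified.getString("licenseeadditionalinfor"));
        sql.setString(8, verified.getString("authtext"));
        sql.setString(9, str);
        sql.setString(10, verified.getString("dwdigitalauthversion"));
        sql.executeUpdate();
        DataObject imported = toResult(verified);
        imported.put("impflag", (Object) "2");
        imported.put("impcont", (Object) "成功导入");
        return imported;
    }

    /** Copies the signed fields of a verifyDDA result into the caller-facing key names. */
    private static DataObject toResult(DataObject verified) throws BusinessException, AppException {
        DataObject result = new DataObject();
        result.put("ddaid", (Object) verified.getString("dwdigitalauthid"));
        result.put("ddabb", (Object) verified.getString("dwdigitalauthversion"));
        result.put("ddalb", (Object) verified.getString("authtypeid"));
        result.put("czrlx", (Object) verified.getString("licenseetypecode"));
        result.put("czrlxmc", (Object) verified.getString("licenseetypename"));
        result.put("czrid", (Object) verified.getString("licenseeid"));
        result.put("czrmc", (Object) verified.getString("licenseename"));
        result.put("czrfjxx", (Object) verified.getString("licenseeadditionalinfor"));
        result.put("sqwb", (Object) verified.getString("authtext"));
        return result;
    }

    /**
     * Checks the document signature with the second-level public key.
     *
     * <p>SECURITY: the signature scheme here is {@code SHA1withRSA}, not the
     * {@code SHA256withRSA} used for the root check, and {@code bArr} is already a
     * SHA-256 digest, so the signed value is effectively SHA-1 over SHA-256 of the
     * payload. The scheme is left as is because changing it would invalidate
     * documents that were already issued; moving to a SHA-256 based scheme needs a
     * coordinated change on the issuing side.
     *
     * @param str Base64 of the bare RSA public key (without the X.509 wrapper)
     * @param bArr the data passed to the signature check
     * @param bArr2 the signature bytes
     * @return whether the signature is valid for {@code bArr}
     * @throws AppException if the key cannot be built or verification raises an error
     */
    private static boolean verify(String str, byte[] bArr, byte[] bArr2) throws AppException {
        byte[] rawKey = SecUtil.base64Decode(str);
        // Fixed DER header of an X.509 SubjectPublicKeyInfo for rsaEncryption. Its
        // hard-coded lengths (0x9F, 0x8D) only fit a 1024-bit key, so keys of any
        // other size cannot be expressed with this prefix.
        // NOTE(review): `ar.k` is a constant the decompiler attributed to an
        // unrelated SDK class; the DER structure requires 0x0D (13) at both
        // positions. Confirm and replace it with the literal.
        byte[] spkiHeader = {48, -127, -97, 48, ar.k, 6, 9, 42, -122, 72, -122, -9, ar.k, 1, 1, 1, 5, 0, 3, -127, -115, 0};
        byte[] encodedKey = new byte[spkiHeader.length + rawKey.length];
        System.arraycopy(spkiHeader, 0, encodedKey, 0, spkiHeader.length);
        System.arraycopy(rawKey, 0, encodedKey, spkiHeader.length, rawKey.length);
        try {
            PublicKey signerKey = KeyFactory.getInstance(KEY_ALGORITHM).generatePublic(new X509EncodedKeySpec(encodedKey));
            Signature verifier = Signature.getInstance("SHA1withRSA");
            verifier.initVerify(signerKey);
            verifier.update(bArr);
            return verifier.verify(bArr2);
        } catch (Exception e) {
            throw new AppException("数字授权书认证异常：验证异常！", e);
        }
    }

    /**
     * Checks a signature made with the root key using {@code SHA256withRSA}.
     *
     * @param bArr the data passed to the signature check
     * @param bArr2 the signature bytes
     * @return whether the signature is valid for {@code bArr}
     * @throws AppException if the root key cannot be loaded or verification
     *     raises an error; the underlying exception is attached as the cause
     */
    private static boolean verifyByCA(byte[] bArr, byte[] bArr2) throws AppException {
        try {
            Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
            verifier.initVerify(getRootPublicKey());
            verifier.update(bArr);
            return verifier.verify(bArr2);
        } catch (Exception e) {
            throw new AppException("CA认证数字证书异常！", e);
        }
    }

    /** Returns the trimmed text of a direct child element; a missing element raises NullPointerException. */
    private static String field(HashMap<?, ?> fields, String name) {
        return ((String) fields.get(name)).trim();
    }

    /**
     * Parses a Base64 DDA and verifies both signature levels.
     *
     * <p>Review notes for maintainers:
     * <ul>
     *   <li>The XML is parsed before any signature is checked, so the parser sees
     *       unauthenticated input. NOTE(review): confirm that {@code XmlParser}
     *       rejects DTDs and external entities.</li>
     *   <li>The signed payload is the nine fields joined with
     *       {@code LogUtils.VERTICAL} (presumably {@code "|"}, a constant the
     *       decompiler attributed to an unrelated library) without escaping. A
     *       field that contains the delimiter makes the field boundaries
     *       ambiguous under the same signature; the issuer should forbid the
     *       delimiter inside field values.</li>
     *   <li>Every exception raised inside the {@code try}, including the
     *       {@code BusinessException} for a failed root check and a missing
     *       element, reaches the caller as the generic XML-parsing
     *       {@code AppException}; the original is only available as its cause.
     *       This is kept because callers may depend on the exception type.</li>
     *   <li>The decoded bytes become a String with the platform default charset,
     *       while the digest uses {@code GlobalNames.DEFAULT_ENCODING}.
     *       NOTE(review): confirm both are the same on every target platform.</li>
     * </ul>
     *
     * @param str the Base64-encoded DDA document
     * @return the signed fields plus {@code ret}, which is {@code "t"} when the
     *     document signature is valid and {@code "f"} otherwise
     * @throws BusinessException if {@code str} is null or blank
     * @throws AppException if parsing fails, the root check fails, or any other
     *     error occurs during verification
     */
    private static DataObject verifyDDA(String str) throws BusinessException, AppException {
        if (str == null || str.trim().isEmpty()) {
            throw new BusinessException("数字授权书认证异常：数字授权书为空！");
        }
        String xml = new String(SecUtil.base64Decode(str)).replace("\r", "").replace("\n", "");
        try {
            Nodes root = new XmlParser().readXmlByString(xml);
            if (!"dwDigitalAuthRoot".equals(root.getTagName())) {
                throw new BusinessException("数字授权书认证异常：数字授权书XML文件解析错误！");
            }
            // Flatten the direct children into name -> text; a repeated tag name
            // overwrites the earlier value.
            HashMap<Object, Object> fields = new HashMap<>();
            for (Nodes child : root.getSubNodes()) {
                fields.put(child.getTagName(), child.getValue());
            }
            String version = field(fields, "dwDigitalAuthVersion");
            String authId = field(fields, "dwDigitalAuthId");
            String authTypeId = field(fields, "authTypeId");
            String licenseeTypeCode = field(fields, "licenseeTypeCode");
            String licenseeTypeName = field(fields, "licenseeTypeName");
            String licenseeId = field(fields, "licenseeId");
            String licenseeName = field(fields, "licenseeName");
            String licenseeExtra = field(fields, "licenseeAdditionalInfor");
            String authText = field(fields, "authText");
            String documentSignature = field(fields, "digitalSignature");
            String signedPayload = version + LogUtils.VERTICAL + authId + LogUtils.VERTICAL + authTypeId
                    + LogUtils.VERTICAL + licenseeTypeCode + LogUtils.VERTICAL + licenseeTypeName
                    + LogUtils.VERTICAL + licenseeId + LogUtils.VERTICAL + licenseeName
                    + LogUtils.VERTICAL + licenseeExtra + LogUtils.VERTICAL + authText;
            String signerInfo = field(fields, "signerII");
            // Level 1: the second-level signer blob must be signed by the root key
            // before its embedded public key is trusted.
            byte[] signerInfoSignature = SecUtil.base64Decode(field(fields, "signerIIDigitalSignature"));
            if (!verifyByCA(SHA256(signerInfo), signerInfoSignature)) {
                throw new BusinessException("根证书验证失败！");
            }
            String signerPublicKey;
            try {
                signerPublicKey = new JSONObject(signerInfo).getString("publickey");
            } catch (JSONException e) {
                throw new AppException("二级证书信息格式不是JSON", e);
            }
            // Level 2: the document fields must be signed by that second-level key.
            boolean documentValid = verify(signerPublicKey, SHA256(signedPayload), SecUtil.base64Decode(documentSignature));
            DataObject result = new DataObject();
            result.put("ret", (Object) (documentValid ? "t" : "f"));
            result.put("dwdigitalauthid", (Object) authId);
            result.put("dwdigitalauthversion", (Object) version);
            result.put("authtypeid", (Object) authTypeId);
            result.put("licenseetypecode", (Object) licenseeTypeCode);
            result.put("licenseetypename", (Object) licenseeTypeName);
            result.put("licenseeid", (Object) licenseeId);
            result.put("licenseename", (Object) licenseeName);
            result.put("licenseeadditionalinfor", (Object) licenseeExtra);
            result.put("authtext", (Object) authText);
            return result;
        } catch (Exception e2) {
            throw new AppException("数字授权书认证异常：数字授权书XML串解析异常！", e2);
        }
    }
}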
