package com.cfca.util.pki.pkcs;

import com.cfca.util.pki.PKIBaseConfig;
import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.asn1.ASN1OctetString;
import com.cfca.util.pki.asn1.ASN1Sequence;
import com.cfca.util.pki.asn1.ASN1Set;
import com.cfca.util.pki.asn1.DERBitString;
import com.cfca.util.pki.asn1.DERObjectIdentifier;
import com.cfca.util.pki.asn1.DERSequence;
import com.cfca.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import com.cfca.util.pki.asn1.pkcs.pkcs10.CertificationRequest;
import com.cfca.util.pki.asn1.pkcs.pkcs10.CertificationRequestInfo;
import com.cfca.util.pki.asn1.x509.AlgorithmIdentifier;
import com.cfca.util.pki.asn1.x509.RSAPublicKeyStructure;
import com.cfca.util.pki.asn1.x509.X509Name;
import com.cfca.util.pki.asn1.x9.X9ObjectIdentifiers;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.JKeyPair;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.encoders.Base64;
import com.taobao.weex.ui.module.WXModalUIModule;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Hashtable;

/* loaded from: classes2.dex */
public class PKCS10 {
    public static boolean LoadedConfigFile = false;
    public static final String MD2_RSA = "MD2withRSAEncryption";
    public static final String MD5_RSA = "MD5withRSAEncryption";
    public static final String SHA1_DSA = "SHA1withDSA";
    public static final String SHA1_EC_DES = "SHA1withECDSA";
    public static final String SHA1_RSA = "SHA1withRSAEncryption";
    public static final String SHA256_EC_DES = "SHA256withECDSA";
    public static final String SHA256_RSA = "SHA256withRSAEncryption";
    private Session session;
    private static Hashtable algs = new Hashtable();
    private static Hashtable oids = new Hashtable();
    public static final DERObjectIdentifier OID_PKCS9_63 = new DERObjectIdentifier("1.2.840.113549.1.9.63");
    public static final DERObjectIdentifier OID_PKCS9_62 = new DERObjectIdentifier("1.2.840.113549.1.9.62");
    private String subject = null;
    private JKey pubKey = null;
    private ASN1Set attributes = null;
    private boolean needVerify = false;

    static {
        algs.put("SHA1withRSAEncryption", PKCSObjectIdentifiers.sha1WithRSAEncryption);
        algs.put("SHA256withRSAEncryption", PKCSObjectIdentifiers.sha256WithRSAEncryption);
        algs.put("MD5withRSAEncryption", PKCSObjectIdentifiers.md5WithRSAEncryption);
        algs.put("MD2withRSAEncryption", PKCSObjectIdentifiers.md2WithRSAEncryption);
        algs.put("SHA1withDSA", PKCSObjectIdentifiers.sha1WithDSA);
        algs.put("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
        algs.put("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
        algs.put("SCHwithECDSA", X9ObjectIdentifiers.sm3_with_SM2);
        oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, new Mechanism("SHA256withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, new Mechanism("SHA1withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, new Mechanism("MD5withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, new Mechanism("MD2withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.sha1WithDSA, new Mechanism("SHA1withDSA"));
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, new Mechanism("SHA1withECDSA"));
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, new Mechanism("SHA256withECDSA"));
        oids.put(X9ObjectIdentifiers.sm3_with_SM2, new Mechanism("SCHwithECDSA"));
    }

    public PKCS10(Session session) {
        this.session = null;
        this.session = session;
    }

    public static void main(String[] strArr) {
        try {
            JCrypto jCrypto = JCrypto.getInstance();
            jCrypto.initialize(JCrypto.JHARD_LIB, null);
            Session openSession = jCrypto.openSession(JCrypto.JHARD_LIB);
            JKeyPair generateKeyPair = openSession.generateKeyPair(new Mechanism(Mechanism.ECC), 256);
            new PKCS10(openSession).generateCertificationRequestData_B64("SHA1withECDSA", "CN=041@112341234@1243124@00000001,OU=Customers,O=CFCA,C=CN", generateKeyPair.getPublicKey(), null, generateKeyPair.getPrivateKey());
            System.out.println(WXModalUIModule.OK);
        } catch (Exception e) {
            System.out.println(e.toString());
        }
    }

    public CertificationRequest generateCertificationRequest(String str, String str2, JKey jKey, ASN1Set aSN1Set, JKey jKey2) throws PKIException {
        this.subject = str2;
        this.pubKey = jKey;
        this.attributes = aSN1Set;
        X509Name x509Name = new X509Name(str2);
        DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) algs.get(str);
        if (dERObjectIdentifier == null) {
            throw new PKIException(PKIException.GEN_P10_ERR, "产生P10申请书失败 不支持的签名算法 " + str);
        }
        if (str2 == null) {
            throw new PKIException(PKIException.GEN_P10_ERR, "产生P10申请书失败 主题信息必须不为空");
        }
        if (jKey == null) {
            throw new PKIException(PKIException.GEN_P10_ERR, "产生P10申请书失败 公钥必须不为空");
        }
        if (jKey2 == null) {
            throw new PKIException(PKIException.GEN_P10_ERR, "产生P10申请书失败 签名私钥必须不为空");
        }
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier, null);
        CertificationRequestInfo certificationRequestInfo = new CertificationRequestInfo(x509Name, Parser.key2SPKI(jKey), aSN1Set);
        return new CertificationRequest(certificationRequestInfo, algorithmIdentifier, new DERBitString(this.session.sign((Mechanism) oids.get(dERObjectIdentifier), jKey2, Parser.writeDERObj2Bytes(certificationRequestInfo.getDERObject()))));
    }

    public byte[] generateCertificationRequestData_B64(String str, String str2, JKey jKey, ASN1Set aSN1Set, JKey jKey2) throws PKIException {
        return Base64.encode(Parser.writeDERObj2Bytes(generateCertificationRequest(str, str2, jKey, aSN1Set, jKey2).getDERObject()));
    }

    public byte[] generateCertificationRequestData_DER(String str, String str2, JKey jKey, ASN1Set aSN1Set, JKey jKey2) throws PKIException {
        return Parser.writeDERObj2Bytes(generateCertificationRequest(str, str2, jKey, aSN1Set, jKey2).getDERObject());
    }

    public ASN1Set getAttributes() {
        return this.attributes;
    }

    public JKey getPubKey() {
        return this.pubKey;
    }

    public String getSubject() {
        return this.subject;
    }

    public String getTmpPupKeyFromAttributes(ASN1Set aSN1Set) throws PKIException {
        if (aSN1Set.size() <= 1) {
            return null;
        }
        ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1Set.getObjectAt(1);
        DERObjectIdentifier dERObjectIdentifier = DERObjectIdentifier.getInstance(aSN1Sequence.getObjectAt(0));
        if (dERObjectIdentifier.equals(OID_PKCS9_63)) {
            byte[] octets = ((ASN1OctetString) Parser.oct2Seq(ASN1OctetString.getInstance(aSN1Sequence.getObjectAt(1))).getObjectAt(1)).getOctets();
            return getPubKey().getKeyType().equals(JKey.RSA_PUB_KEY) ? new String(Base64.encode(Parser.writeDERObj2Bytes(new RSAPublicKeyStructure((DERSequence) Parser.writeBytes2DERObj(octets)).getDERObject()))) : new String(Base64.encode(octets));
        }
        throw new PKIException(PKIException.PARSE_P10_ERR, PKIException.PARSE_P10_ERR_ATTRI_ID, new Exception("Not support the Attributes[1] Type ID:" + dERObjectIdentifier.getId()));
    }

    public void load(CertificationRequest certificationRequest) throws PKIException {
        DERObjectIdentifier objectId = certificationRequest.getSignatureAlgorithm().getObjectId();
        Mechanism mechanism = (Mechanism) oids.get(objectId);
        if (mechanism == null) {
            throw new PKIException(PKIException.GEN_P10_ERR, "产生P10申请书失败 不支持的签名算法 " + objectId.toString());
        }
        byte[] bytes = certificationRequest.getSignature().getBytes();
        CertificationRequestInfo certificationRequestInfo = certificationRequest.getCertificationRequestInfo();
        byte[] writeDERObj2Bytes = Parser.writeDERObj2Bytes(certificationRequestInfo.getDERObject());
        this.pubKey = Parser.SPKI2Key(certificationRequestInfo.getSubjectPublicKeyInfo());
        this.needVerify = PKIBaseConfig.isVerifyP10Signature();
        if (this.needVerify && !this.session.verifySign(mechanism, this.pubKey, writeDERObj2Bytes, bytes)) {
            throw new PKIException(PKIException.PARSE_P10_ERR, "解析P10申请书失败 签名验证失败");
        }
        this.subject = certificationRequestInfo.getSubject().toString();
        this.attributes = certificationRequestInfo.getAttributes();
    }

    public void load(byte[] bArr) throws PKIException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(bArr)));
        try {
            if (bufferedReader.readLine().toUpperCase().indexOf("BEGIN NEW CERTIFICATE REQUEST") != -1) {
                StringBuffer stringBuffer = new StringBuffer();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null || readLine.toUpperCase().indexOf("END NEW CERTIFICATE REQUEST") != -1) {
                        break;
                    } else {
                        stringBuffer.append(readLine);
                    }
                }
                bArr = Base64.decode(Parser.convertBase64(stringBuffer.toString().getBytes()));
            } else if (Parser.isBase64Encode(bArr)) {
                bArr = Base64.decode(Parser.convertBase64(bArr));
            }
            try {
                if (bArr[0] != 48) {
                    throw new Exception();
                }
                load(new CertificationRequest((ASN1Sequence) Parser.writeBytes2DERObj(bArr)));
            } catch (Exception unused) {
                throw new PKIException(PKIException.PARSE_P10_ERR, PKIException.PARSE_P10_ERR_DES, new Exception("The PKCS10 CertificationRequest content error."));
            }
        } catch (IOException e) {
            throw new PKIException(PKIException.PARSE_P10_ERR, PKIException.PARSE_P10_ERR_DES, e);
        }
    }
}
