package com.cfca.util.pki.api;

import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.cert.X509Cert;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.cipher.lib.JSoftLib;
import com.cfca.util.pki.cipher.param.CBCParam;
import com.cfca.util.pki.cms.CMSEnvelopedData;
import com.cfca.util.pki.cms.CMSEnvelopedDataGenerator;
import com.cfca.util.pki.cms.CMSEnvelopedDataStreamGenerator;
import com.cfca.util.pki.cms.CMSProcessableByteArray;
import com.cfca.util.pki.cms.RecipientId;
import com.cfca.util.pki.cms.RecipientInformation;
import com.cfca.util.pki.cms.RecipientInformationStore;
import com.cfca.util.pki.encoders.Base64;
import com.cfca.util.pki.pkcs.PKCS7EncryptedData;
import com.cfca.util.pki.pkcs.PKCS7EnvelopedData;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/* loaded from: input_file:com/cfca/util/pki/api/EnvelopUtil.class */
public class EnvelopUtil {
    public static final String RC4 = "RC4";
    public static final String DES_ECB = "DES/ECB/PKCS7Padding";
    public static final String DES_CBC = "DES/CBC/PKCS7Padding";
    public static final String DES3_ECB = "DESede/ECB/PKCS7Padding";
    public static final String DES3_CBC = "DESede/CBC/PKCS7Padding";
    public static final String DIGEST_SHA1 = "1.3.14.3.2.26";
    public static final String DIGEST_MD5 = "1.2.840.113549.2.5";
    private List recipientCerts = new ArrayList();
    private X509Cert signerCert = null;
    public boolean cmsFlag = false;

    public void addRecipient(X509Cert x509Cert) throws PKIException {
        this.recipientCerts.add(x509Cert);
    }

    public void setCMSFlag() {
        this.cmsFlag = true;
    }

    public byte[] envelopeMessage(byte[] bArr, String str, Session session) throws PKIException {
        Mechanism mechanism;
        if (!str.equals("RC4") && !str.equals("DES/ECB/PKCS7Padding") && !str.equals("DES/CBC/PKCS7Padding") && !str.equals("DESede/ECB/PKCS7Padding") && !str.equals("DESede/CBC/PKCS7Padding")) {
            throw new PKIException(CertAppKitException.API_UNSUPPORT_ENC_TYPE_ERR, CertAppKitException.API_UNSUPPORT_ENC_TYPE_ERR_DES);
        }
        CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator(session);
        if (this.recipientCerts.size() == 0) {
            throw new PKIException(CertAppKitException.API_NO_RECIPIENT_CERT_ERR, CertAppKitException.API_NO_RECIPIENT_CERT_ERR_DES);
        }
        for (X509Cert x509Cert : this.recipientCerts) {
            if (this.cmsFlag) {
                JKey publicKey = x509Cert.getPublicKey();
                if (x509Cert.getSubjectKeyIdentifier() == null) {
                    throw new PKIException(CertAppKitException.API_NO_SUBPUBKEY_ERR, CertAppKitException.API_NO_SUBPUBKEY_ERR_DES);
                }
                cMSEnvelopedDataGenerator.addKeyTransRecipient(publicKey, x509Cert.getSubjectKeyIdentifier().getSubKeyIdentifier());
            } else {
                cMSEnvelopedDataGenerator.addKeyTransRecipient(x509Cert);
            }
        }
        if (str.indexOf("CBC") > 0 && str.indexOf("AES") > 0) {
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(EncryptUtil.IV_16);
            mechanism = new Mechanism(str, cBCParam);
        } else if (str.indexOf("CBC") > 0) {
            CBCParam cBCParam2 = new CBCParam();
            cBCParam2.setIv(EncryptUtil.IV_8);
            mechanism = new Mechanism(str, cBCParam2);
        } else {
            mechanism = new Mechanism(str);
        }
        try {
            return Base64.encode(cMSEnvelopedDataGenerator.generate(new CMSProcessableByteArray(bArr), mechanism).getEncoded());
        } catch (Exception e) {
            throw new PKIException(CertAppKitException.API_GEN_MSG_ENVELOP_ERR, CertAppKitException.API_GEN_MSG_ENVELOP_ERR_DES, e);
        }
    }

    public byte[] openEnvelopedMessage(byte[] bArr, JKey jKey, X509Cert x509Cert, Session session) throws PKIException {
        byte[] bArr2 = (byte[]) null;
        try {
            if (x509Cert == null || jKey == null) {
                throw new PKIException(CertAppKitException.API_PARSE_FILE_ENVELOP_NULL_PARAM_ERR, CertAppKitException.API_PARSE_FILE_ENVELOP_NULL_PARAM_ERR_DES);
            }
            RecipientInformationStore recipientInfos = new CMSEnvelopedData(Base64.decode(bArr)).getRecipientInfos();
            String issuer = x509Cert.getIssuer();
            BigInteger serialNumber = x509Cert.getSerialNumber();
            byte[] subKeyIdentifier = x509Cert.getSubjectKeyIdentifier().getSubKeyIdentifier();
            boolean z = false;
            for (RecipientInformation recipientInformation : recipientInfos.getRecipients()) {
                RecipientId rid = recipientInformation.getRID();
                String issuerAsString = rid.getIssuerAsString();
                BigInteger serialNumber2 = rid.getSerialNumber();
                byte[] subjectKeyIdentifier = rid.getSubjectKeyIdentifier();
                if ((subjectKeyIdentifier != null && Arrays.equals(subjectKeyIdentifier, subKeyIdentifier)) || (issuer.equals(issuerAsString) && serialNumber.compareTo(serialNumber2) == 0)) {
                    z = true;
                }
                bArr2 = recipientInformation.getContent(Parser.convertPrivateKey(jKey), "BC");
            }
            if (z) {
                return bArr2;
            }
            throw new PKIException("850634", "使用的私钥证书和封装数字信封的公钥证书不匹配");
        } catch (Exception e) {
            throw new PKIException(CertAppKitException.API_PARSER_MSG_ENVELOP_ERR, new StringBuffer("解析消息数字信封失败 ").append(e.toString()).toString(), e);
        }
    }

    public byte[] envelopeMS(byte[] bArr, String str, String str2, JKey jKey, X509Cert x509Cert, X509Cert x509Cert2, Session session) throws PKIException {
        Mechanism mechanism;
        if (!str.equals("RC4") && !str.equals("DES/ECB/PKCS7Padding") && !str.equals("DES/CBC/PKCS7Padding") && !str.equals("DESede/ECB/PKCS7Padding") && !str.equals("DESede/CBC/PKCS7Padding")) {
            throw new PKIException(CertAppKitException.API_UNSUPPORT_ENC_TYPE_ERR, CertAppKitException.API_UNSUPPORT_ENC_TYPE_ERR_DES);
        }
        if (!str2.equals(DIGEST_SHA1) && !str2.equals(DIGEST_MD5)) {
            throw new PKIException(CertAppKitException.API_UNSUPPORT_DIGEST_TYPE_ERR, CertAppKitException.API_UNSUPPORT_DIGEST_TYPE_ERR_DES);
        }
        if (str.indexOf("CBC") > 0 && str.indexOf("AES") > 0) {
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(EncryptUtil.IV_16);
            mechanism = new Mechanism(str, cBCParam);
        } else if (str.indexOf("CBC") > 0) {
            CBCParam cBCParam2 = new CBCParam();
            cBCParam2.setIv(EncryptUtil.IV_8);
            mechanism = new Mechanism(str, cBCParam2);
        } else {
            mechanism = new Mechanism(str);
        }
        PKCS7EnvelopedData pKCS7EnvelopedData = new PKCS7EnvelopedData(session);
        return Base64.encode(pKCS7EnvelopedData.generateCryptoAPISignAndEnvContent(pKCS7EnvelopedData.generateSignAndEnvDataExtendCryptAPI(PKCS7EncryptedData.DATA, bArr, str2, mechanism, jKey, x509Cert2, x509Cert)));
    }

    public byte[] openEnvelopedMS(byte[] bArr, JKey jKey, Session session) throws PKIException {
        if (jKey == null) {
            throw new PKIException(CertAppKitException.API_PARSE_FILE_ENVELOP_NULL_PARAM_ERR, CertAppKitException.API_PARSE_FILE_ENVELOP_NULL_PARAM_ERR_DES);
        }
        PKCS7EnvelopedData pKCS7EnvelopedData = new PKCS7EnvelopedData(session);
        pKCS7EnvelopedData.loadBase64(bArr);
        byte[] contentExtendCryptoAPI = pKCS7EnvelopedData.getContentExtendCryptoAPI(jKey);
        this.signerCert = PKCS7EnvelopedData.signerCert;
        return contentExtendCryptoAPI;
    }

    public void envelopeFile(String str, String str2, int i, String str3, Session session) throws PKIException {
        Mechanism mechanism;
        CMSEnvelopedDataStreamGenerator cMSEnvelopedDataStreamGenerator = new CMSEnvelopedDataStreamGenerator(session);
        if (this.recipientCerts.size() == 0) {
            throw new PKIException(CertAppKitException.API_NO_RECIPIENT_CERT_ERR, CertAppKitException.API_NO_RECIPIENT_CERT_ERR_DES);
        }
        if (!str3.equals("RC4") && !str3.equals("DES/ECB/PKCS7Padding") && !str3.equals("DES/CBC/PKCS7Padding") && !str3.equals("DESede/ECB/PKCS7Padding") && !str3.equals("DESede/CBC/PKCS7Padding")) {
            throw new PKIException(CertAppKitException.API_UNSUPPORT_ENC_TYPE_ERR, CertAppKitException.API_UNSUPPORT_ENC_TYPE_ERR_DES);
        }
        if (str3.indexOf("CBC") > 0 && str3.indexOf("AES") > 0) {
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(EncryptUtil.IV_16);
            mechanism = new Mechanism(str3, cBCParam);
        } else if (str3.indexOf("CBC") > 0) {
            CBCParam cBCParam2 = new CBCParam();
            cBCParam2.setIv(EncryptUtil.IV_8);
            mechanism = new Mechanism(str3, cBCParam2);
        } else {
            mechanism = new Mechanism(str3);
        }
        for (X509Cert x509Cert : this.recipientCerts) {
            if (this.cmsFlag) {
                JKey publicKey = x509Cert.getPublicKey();
                if (x509Cert.getSubjectKeyIdentifier() == null) {
                    throw new PKIException(CertAppKitException.API_NO_SUBPUBKEY_ERR, CertAppKitException.API_NO_SUBPUBKEY_ERR_DES);
                }
                cMSEnvelopedDataStreamGenerator.addKeyTransRecipient(publicKey, x509Cert.getSubjectKeyIdentifier().getSubKeyIdentifier());
            } else {
                cMSEnvelopedDataStreamGenerator.addKeyTransRecipient(x509Cert);
            }
        }
        try {
            if (session instanceof JSoftLib) {
                FileOutputStream fileOutputStream = new FileOutputStream(str2);
                BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(cMSEnvelopedDataStreamGenerator.open(fileOutputStream, mechanism), i);
                FileInputStream fileInputStream = new FileInputStream(str);
                BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream, i);
                int available = fileInputStream.available();
                int i2 = 0;
                byte[] bArr = new byte[i];
                while (true) {
                    if (i2 >= available) {
                        break;
                    }
                    int read = bufferedInputStream.read(bArr);
                    if (read != -1) {
                        bufferedOutputStream.write(bArr, 0, read);
                        i2 += read;
                    } else if (available != i2) {
                        throw new Exception("读取原文数据错误");
                    }
                }
                bufferedInputStream.close();
                bufferedOutputStream.close();
                fileOutputStream.close();
                return;
            }
            FileOutputStream fileOutputStream2 = new FileOutputStream(str2);
            BufferedOutputStream bufferedOutputStream2 = new BufferedOutputStream(cMSEnvelopedDataStreamGenerator.open(fileOutputStream2, mechanism), i);
            FileInputStream fileInputStream2 = new FileInputStream(str);
            BufferedInputStream bufferedInputStream2 = new BufferedInputStream(fileInputStream2, i);
            int available2 = fileInputStream2.available();
            int i3 = 0;
            byte[] bArr2 = new byte[i];
            while (true) {
                if (i3 >= available2) {
                    break;
                }
                int read2 = bufferedInputStream2.read(bArr2);
                if (read2 != -1) {
                    bufferedOutputStream2.write(bArr2, 0, read2);
                    i3 += read2;
                } else if (available2 != i3) {
                    throw new Exception("读取原文数据错误");
                }
            }
            bufferedInputStream2.close();
            bufferedOutputStream2.close();
            fileOutputStream2.close();
        } catch (Exception e) {
            throw new PKIException(CertAppKitException.API_GEN_FILE_ENVELOP_ERR, new StringBuffer("产生文件数字信封失败 ").append(e.getMessage()).toString(), e);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:22:0x0139 A[Catch: Exception -> 0x0147, TryCatch #0 {Exception -> 0x0147, blocks: (B:6:0x0016, B:7:0x0125, B:9:0x006c, B:11:0x0099, B:14:0x00b7, B:15:0x0107, B:17:0x00fd, B:19:0x0118, B:26:0x00a3, B:29:0x00ad, B:20:0x012f, B:22:0x0139, B:23:0x0146, B:36:0x000a, B:37:0x0015), top: B:2:0x0002 }] */
    /* JADX WARN: Removed duplicated region for block: B:25:0x016b A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void openEnvelopedFile(java.lang.String r8, java.lang.String r9, int r10, com.cfca.util.pki.cipher.JKey r11, com.cfca.util.pki.cert.X509Cert r12, com.cfca.util.pki.cipher.Session r13) throws com.cfca.util.pki.PKIException {
        /*
            Method dump skipped, instructions count: 364
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.cfca.util.pki.api.EnvelopUtil.openEnvelopedFile(java.lang.String, java.lang.String, int, com.cfca.util.pki.cipher.JKey, com.cfca.util.pki.cert.X509Cert, com.cfca.util.pki.cipher.Session):void");
    }

    public X509Cert getSignerCert() {
        return this.signerCert;
    }

    public static void main(String[] strArr) {
        try {
            JCrypto jCrypto = JCrypto.getInstance();
            jCrypto.initialize("JSOFT_LIB", (Object) null);
            Session openSession = jCrypto.openSession("JSOFT_LIB");
            JKey priKey = KeyUtil.getPriKey("F:\\解密文件\\解密文件\\server.pfx", "123456");
            X509Cert generateCert = CertUtil.generateCert("F:\\解密文件\\解密文件\\server.cer");
            EnvelopUtil envelopUtil = new EnvelopUtil();
            envelopUtil.addRecipient(generateCert);
            envelopUtil.openEnvelopedFile("F:\\解密文件\\解密文件\\900000000000015044", "F:\\解密文件\\解密文件\\900000000000015044.enc", 32768, priKey, generateCert, openSession);
            new String(envelopUtil.openEnvelopedMessage(envelopUtil.envelopeMessage("aaaaa".getBytes(), "DES/CBC/PKCS7Padding", openSession), priKey, generateCert, openSession));
        } catch (PKIException e) {
            System.out.println(new StringBuffer("错误码:").append(e.getErrCode()).toString());
            System.out.println(new StringBuffer("错误信息:").append(e.getErrDesc()).toString());
            e.getHistory();
        }
    }
}
